2 matches found
CVE-2024-7269
CVE-2024-7269 pertains to ConnX ESP HR Management and is a Stored XSS vulnerability in the "Update of Personal Details" form. Affected are ESP HR Management versions prior to 6.6. The root cause is improper neutralization of input during web page generation, enabling an attacker to inject script ...
CVE-2015-4043
CVE-2015-4043 describes a SQL injection in ConnX ESP HR Management 4.4.0. The vulnerability is exploitable remotely via the parameter ctl00$cphMainContent$txtUserName in frmLogin.aspx, allowing execution of arbitrary SQL commands. Affected component: the login page handling on ConnX ESP HR Manage...