Lucene search
Hrsale Project Security Vulnerabilities
cve
A SQL Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to directly modify the SQL query.
8.8CVSS
8.9AI Score
0.001EPSS
2018-05-01 07:29 PM
30
cve
A CSV Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.
8.8CVSS
8.9AI Score
0.001EPSS
2018-05-01 07:29 PM
32
cve
An Authenticated Stored XSS vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.
5.4CVSS
5.1AI Score
0.001EPSS
2018-05-01 07:29 PM
33
cve
A Local File Inclusion vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.
8.8CVSS
8.5AI Score
0.006EPSS
2018-05-01 07:29 PM
32