Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hrsale vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-27993
Hrsale 2.0.0 allows download?type=files&filename=../ directory traversal to read arbitrary files.
Hrsale Hrsale 2.0.0
4.3
CVSSv2
CVE-2020-29053
HRSALE 2.0.0 allows XSS via the admin/project/projects_calendar set_date parameter.
Hrsale Hrsale 2.0.0
6.5
CVSSv2
CVE-2018-10256
A SQL Injection vulnerability exists in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to directly modify the SQL query.
Hrsale Project Hrsale 1.0.2
1 EDB exploit
6.5
CVSSv2
CVE-2018-10257
A CSV Injection vulnerability exists in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.
Hrsale Project Hrsale 1.0.2
1 EDB exploit
3.5
CVSSv2
CVE-2018-10259
An Authenticated Stored XSS vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.
Hrsale Project Hrsale 1.0.2
1 EDB exploit
6.5
CVSSv2
CVE-2018-10260
A Local File Inclusion vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.
Hrsale Project Hrsale 1.0.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started