Vulmon
Recent Vulnerabilities
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
hrsale vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-27993
Hrsale 2.0.0 allows download?type=files&filename=../ directory traversal to read arbitrary files....
NA
CVE-2020-29053
HRSALE 2.0.0 allows XSS via the admin/project/projects_calendar set_date parameter....
355
VMScore
CVE-2018-10259
An Authenticated Stored XSS vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user....
1 EDB exploit available
655
VMScore
CVE-2018-10256
A SQL Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to directly modify the SQL query....
1 EDB exploit available
655
VMScore
CVE-2018-10260
A Local File Inclusion vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user....
1 EDB exploit available
655
VMScore
CVE-2018-10257
A CSV Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution....
1 EDB exploit available
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
overflow
CVE-2021-24122
firewall
CVE-2021-21010
CVE-2021-0219
CVE-2020-14101
HTML injection
CVE-2020-6207
envira gallery
CVE-2021-0220
enviragallery
Vulmon