Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
icehrm vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2021-34243
A stored cross site scripting (XSS) vulnerability exists in Ice Hrm 29.0.0.OS which allows malicious users to execute arbitrary web scripts or HTML via a crafted file uploaded into the Document Management tab. The exploit is triggered when a user visits the upload location of the...
Icehrm Icehrm 29.0.0.os
383
VMScore
CVE-2020-9271
ICE Hrm 26.2.0 is vulnerable to CSRF that leads to user creation via service.php.
Icehrm Icehrm 26.2.0.os
1 Github repository
605
VMScore
CVE-2020-9270
ICE Hrm 26.2.0 is vulnerable to CSRF that leads to password reset via service.php.
Icehrm Icehrm 26.2.0.os
1 Github repository
383
VMScore
CVE-2021-35045
Cross site scripting (XSS) vulnerability in Ice Hrm 29.0.0.OS, allows malicious users to execute arbitrary code via the parameters to the /app/ endpoint.
Icehrm Icehrm 29.0.0.os
578
VMScore
CVE-2020-6114
An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to tr...
Icehrm Icehrm 26.6.0.os
NA
CVE-2022-265881
ICEHRM version 31.0.0.0S cross site request forgery exploit that demonstrates account deletion. This finding varies from the original finding of cross site request forgery in the same software from the same researcher.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2