Hrsale Project Hrsale vulnerabilities
4 known vulnerabilities affecting hrsale_project/hrsale.
Total CVEs
4
CISA KEV
0
Public exploits
4
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2018-10260P3HIGHCVSS 8.8PoCv1.0.22018-05-01
CVE-2018-10260 [HIGH] CWE-20 CVE-2018-10260: A Local File Inclusion vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a l
A Local File Inclusion vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.
nvd
CVE-2018-10256P3HIGHCVSS 8.8PoCv1.0.22018-05-01
CVE-2018-10256 [HIGH] CWE-89 CVE-2018-10256: A SQL Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user wi
A SQL Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to directly modify the SQL query.
nvd
CVE-2018-10257P3HIGHCVSS 8.8PoCv1.0.22018-05-01
CVE-2018-10257 [HIGH] CWE-1236 CVE-2018-10257: A CSV Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user wi
A CSV Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.
nvd
CVE-2018-10259P4MEDIUMCVSS 5.4PoCv1.0.22018-05-01
CVE-2018-10259 [MEDIUM] CWE-79 CVE-2018-10259: An Authenticated Stored XSS vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable b
An Authenticated Stored XSS vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.
nvd