Vulnerabilities (CVE)

Filtered by vendor Hrsale Project Subscribe
Filtered by product Hrsale
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-10260 1 Hrsale Project 1 Hrsale 2024-11-21 6.5 MEDIUM 8.8 HIGH
A Local File Inclusion vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.
CVE-2018-10259 1 Hrsale Project 1 Hrsale 2024-11-21 3.5 LOW 5.4 MEDIUM
An Authenticated Stored XSS vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.
CVE-2018-10257 1 Hrsale Project 1 Hrsale 2024-11-21 6.5 MEDIUM 8.8 HIGH
A CSV Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.
CVE-2018-10256 1 Hrsale Project 1 Hrsale 2024-11-21 6.5 MEDIUM 8.8 HIGH
A SQL Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to directly modify the SQL query.