Vulnerabilities > Ezhrs

DATE CVE VULNERABILITY TITLE RISK
2006-12-14 CVE-2006-6525 SQL-Injection vulnerability in HR Assist
SQL injection vulnerability in vdateUsr.asp in EzHRS HR Assist 1.05 and earlier allows remote attackers to execute arbitrary SQL commands via the password parameter.
network
low complexity
ezhrs
7.5
2006-12-14 CVE-2006-6524 SQL-Injection vulnerability in HR Assist
SQL injection vulnerability in vdateUsr.asp in EzHRS HR Assist 1.05 and earlier allows remote attackers to execute arbitrary SQL commands via the Uname (UserName) parameter.
network
low complexity
ezhrs
7.5