Vulnerabilities > Ezhrs
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-12-14 | CVE-2006-6525 | SQL-Injection vulnerability in HR Assist SQL injection vulnerability in vdateUsr.asp in EzHRS HR Assist 1.05 and earlier allows remote attackers to execute arbitrary SQL commands via the password parameter. | 7.5 |
2006-12-14 | CVE-2006-6524 | SQL-Injection vulnerability in HR Assist SQL injection vulnerability in vdateUsr.asp in EzHRS HR Assist 1.05 and earlier allows remote attackers to execute arbitrary SQL commands via the Uname (UserName) parameter. | 7.5 |