Vulnerabilities > Hrsale Project

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-01 | CVE-2018-10260 | Improper Input Validation vulnerability in Hrsale Project Hrsale 1.0.2. A Local File Inclusion vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user. (network; low complexity; hrsale-project; CWE-20) | 8.8 |
| 2018-05-01 | CVE-2018-10259 | Cross-site Scripting vulnerability in Hrsale Project Hrsale 1.0.2. An Authenticated Stored XSS vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user. (network; low complexity; hrsale-project; CWE-79) | 5.4 |
| 2018-05-01 | CVE-2018-10257 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Hrsale Project Hrsale 1.0.2. A CSV Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution. (local; low complexity; hrsale-project; CWE-1236) | 8.8 |
| 2018-05-01 | CVE-2018-10256 | SQL Injection vulnerability in Hrsale Project Hrsale 1.0.2. A SQL Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to directly modify the SQL query. (network; low complexity; hrsale-project; CWE-89) | 8.8 |