Hrsale Project: >> Hrsale Security Vulnerabilities
A SQL Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to directly modify the SQL query.
CVSS Score
8.8
EPSS Score
0.003
Published
2018-05-01
A CSV Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.
CVSS Score
8.8
EPSS Score
0.008
Published
2018-05-01
An Authenticated Stored XSS vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-05-01
A Local File Inclusion vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.
CVSS Score
8.8
EPSS Score
0.021
Published
2018-05-01