exploit the possibilities
Showing 1 - 25 of 36 RSS Feed

Files

HRSALE The Ultimate HRM 1.0.2 CSV Injection
Posted Apr 26, 2018
Authored by 8bitsec

HRSALE The Ultimate HRM version 1.0.2 suffers from a CSV injection vulnerability.

tags | exploit
advisories | CVE-2018-10257
MD5 | 10a6a695426e8a25578ed2794f5f5fdb

Related Files

ICE HRM 23.0 SQL / Iframe Injection
Posted Mar 15, 2019
Authored by Mehmet Emiroglu

ICE HRM version 23.0 suffers from remote SQL injection and iframe injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 88f32bcf40b75d3ec675f719b69058c2
Ubuntu Security Notice USN-3853-1
Posted Jan 10, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3853-1 - Ben Fuhrmannek discovered that GnuPG incorrectly handled Web Key Directory lookups. A remote attacker could possibly use this issue to cause a denial of service, or perform Cross-Site Request Forgery attacks.

tags | advisory, remote, web, denial of service, csrf
systems | linux, ubuntu
advisories | CVE-2018-1000858
MD5 | 9dff487091705ecddb0783a58af51804
Advanced HRM 1.6 Remote Code Execution
Posted Oct 15, 2018
Authored by Renos Nikolaou

Advanced HRM version 1.6 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 09137038b10714cd9ca50d251fcc4cb8
Sentrifugo HRMS 3.2 SQL Injection
Posted Aug 27, 2018
Authored by Javier Olmedo

Sentrifugo HRMS version 3.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 75109311c86f8a28209fc71033934ee5
HRSALE The Ultimate HRM 1.0.2 Cross Site Scripting
Posted Apr 26, 2018
Authored by 8bitsec

HRSALE The Ultimate HRM version 1.0.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-10259
MD5 | 99b5f4f3d0fea051e03aa7c5af9d1642
HRSALE The Ultimate HRM 1.0.2 Local File Inclusion
Posted Apr 26, 2018
Authored by 8bitsec

HRSALE The Ultimate HRM version 1.0.2 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
advisories | CVE-2018-10260
MD5 | e6040929e102625a337987f30072da4c
HRSALE The Ultimate HRM 1.0.2 SQL Injection
Posted Apr 26, 2018
Authored by 8bitsec

HRSALE The Ultimate HRM version 1.0.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-10256
MD5 | 6569018432ec37264d5e3000e1b9ba11
Ubuntu Security Notice USN-3398-1
Posted Aug 22, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3398-1 - Holger Fuhrmannek and Tyson Smith discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially-crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-7771, CVE-2017-7772, CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776, CVE-2017-7777, CVE-2017-7778
MD5 | 1ece36edb670fe9f149e370c636c688d
Ubuntu Security Notice USN-3271-1
Posted Apr 27, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3271-1 - Holger Fuhrmannek discovered an integer overflow in the xsltAddTextString function in Libxslt. An attacker could use this to craft a malicious document that, when opened, could cause a denial of service or possible execute arbitrary code. Nicolas Gregoire discovered that Libxslt mishandled namespace nodes. An attacker could use this to craft a malicious document that, when opened, could cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-7995, CVE-2016-1683, CVE-2016-1684, CVE-2016-1841, CVE-2016-4738, CVE-2017-5029
MD5 | dad66d7aca6f0a320a5b0456148ee52d
Debian Security Advisory 3477-1
Posted Feb 15, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3477-1 - Holger Fuhrmannek discovered that missing input sanitising in the Graphite font rendering engine could result in the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2016-1523
MD5 | 7f907ff6b4b27b975c0c3ad5793e364d
OrangeHRM 3.3.1 Unauthorized Data Manipulation
Posted Sep 28, 2015
Authored by vishnu raju

OrangeHRM versions 3.3.1 and below suffer from an unauthorized data manipulation vulnerability.

tags | advisory
MD5 | ed41ef73c5f10033dcc90d8dfe0073f9
OrangeHRM Cross Site Scripting / SQL Injection
Posted Apr 10, 2015
Authored by Rehan Ahmed

OrangeHRM versions Opensource 3.2.1 and Professional / Enterprise 4.11 suffer from cross site scripting and remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | d8461be9dcf1cd6699fbe3476c82afaa
UNIT4 Prosoft HRMS 8.14.230.47 Cross Site Scripting
Posted Feb 13, 2015
Authored by Jerold Hoong, Edric Teo

UNIT4 Prosoft HRMS version 8.14.230.47 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e172705e7509e1f6ab6323ee7d46233a
Ubuntu Security Notice USN-2458-2
Posted Jan 15, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2458-2 - USN-2458-1 fixed vulnerabilities in Firefox. This update provides the corresponding version of Ubufox. Christian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse Ruderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.

tags | advisory, web, denial of service, arbitrary, vulnerability, csrf
systems | linux, ubuntu
advisories | CVE-2014-8636, CVE-2014-8637, CVE-2014-8638, CVE-2014-8639, CVE-2014-8640, CVE-2014-8641, CVE-2014-8642
MD5 | da23b7fdac60955ee2c6885cc567f392
IceHrm 7.1 LFI / CSRF / XSS / Shell Upload
Posted Dec 8, 2014
Authored by LiquidWorm | Site zeroscience.mk

IceHrm versions 7.1 and below suffer from cross site request forgery, cross site scripting, local file inclusion, and code execution via remote shell upload vulnerabilities.

tags | exploit, remote, shell, local, vulnerability, code execution, xss, file inclusion, csrf
MD5 | 5cc006e8433b36ec6c7b4f5109a16a35
OrangeHRM 3.1.1 Cross Site Scripting
Posted Feb 28, 2014
Authored by HauntIT

OrangeHRM version 3.1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 20789db5c89a9555e1020f00f215cabd
Secunia Security Advisory 51888
Posted Jan 17, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Oracle PeopleSoft Enterprise HRMS, which can be exploited by malicious people to manipulate certain data and disclose potentially sensitive data.

tags | advisory, vulnerability
MD5 | f11600f2ab61e00d5f310a1de91bb695
OrangeHRM 2.7.1 Cross Site Scripting
Posted Jan 11, 2013
Authored by SBV Research

Orange HRM version 2.7.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | f103370b039c59f1b252668920c61f3f
OrangeHRM 2.7.1-rc.1 Cross Site Request Forgery / SQL Injection
Posted Nov 7, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

OrangeHRM version 2.7.1-rc.1 suffers from cross site request forgery and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
advisories | CVE-2012-5367
MD5 | 45f3af6ee7bb217c56169239eaff97c8
Secunia Security Advisory 49950
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle PeopleSoft Enterprise Human Resource Management System (HRMS), which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data.

tags | advisory, vulnerability
MD5 | 9faa813687cb112480e1cffb93d5ab2b
Secunia Security Advisory 49072
Posted May 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered multiple vulnerabilities in OrangeHRM, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | 28f2f683cc9110600bfc173d029269ff
OrangeHRM 2.6.11 Cross Site Scripting / SQL Injection
Posted Dec 1, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

OrangeHRM version 2.6.11 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | e9c91930b798290fbbb270f37fcb3530
Secunia Security Advisory 47014
Posted Nov 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered multiple vulnerabilities in OrangeHRM, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | dc41a2ad0f25378c562f0662e0ac2c18
Secunia Security Advisory 45321
Posted Jul 20, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle PeopleSoft Enterprise Human Resource Management System (HRMS), which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data.

tags | advisory, vulnerability
MD5 | 2e478fde2188acfd296249a6d31f9b7d
Secunia Security Advisory 44326
Posted Apr 26, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - AutoSec Tools has discovered a vulnerability in OrangeHRM, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | f8b756289f973f3089dc045a76b76590
Page 1 of 2
Back12Next

File Archive:

December 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    1 Files
  • 2
    Dec 2nd
    16 Files
  • 3
    Dec 3rd
    17 Files
  • 4
    Dec 4th
    23 Files
  • 5
    Dec 5th
    11 Files
  • 6
    Dec 6th
    10 Files
  • 7
    Dec 7th
    1 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    15 Files
  • 10
    Dec 10th
    30 Files
  • 11
    Dec 11th
    8 Files
  • 12
    Dec 12th
    20 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close