# Exploit Title: Reflected XSS – HRworks Login (v1.16.1)
# Vendor Homepage: https://www.hrworks.de
# Exploit Author: Georg Philipp Erasmus Heise / Lufthansa Industry Solutions
# Contact: https://twitter.com/gpheheise
# Website: https://www.lufthansa-industry-solutions.com
# Category: webapps
codeBeamer – Stored Cross-Site Scripting
===
Identifiers
-
* CVE-2019-19912
CVSSv3 score
-
6.4 (AV:N/AC:L/PR:H/UI:R/S:U/
codeBeamer – Stored Cross-Site Scripting
===
Identifiers
-
* CVE-2019-19913
CVSSv3 score
-
6.4
([AV:N/AC:L/PR:H/UI:R/S:
Matrix42 Workspace Management 9.1.2.2765 – Stored Cross-Site Scripting
===
Identifiers
-
CVE-2019-19500
CVSSv3 score
-
9
Matrix42 Workspace Management 9.1.2.2765 – Reflected Cross-Site Scripting
===
Identifiers
-
* CVE-2019-19913
CVSSv3 score
---
Matrix42 Workspace Management 9.1.2.2765 – Reflected Cross-Site Scripting
===
Identifiers
-
CVE-2019-19390
CVSSv3 score
-
Programi Bilanc - Build 007 Release 014 31.01.2020 - Use of weak default
Password
===
Identifiers
-
CVE-2020-11720
Vendor
--
Programi Bilanc - Build 007 Release 014 31.01.2020 - Broken encryption with
guessable static encryption key
===
Identifiers
-
CVE-2020-11719
Vendor
Programi Bilanc - Build 007 Release 014 31.01.2020 - Multiple SQL Injections
=
Identifiers
-
CVE-2020-11717
Vendor
-
Bal
Programi Bilanc - Build 007 Release 014 31.01.2020 - Broken encryption with
guessable static encryption key
===
Identifiers
-
CVE-2020-8995
Vendor
-
Programi Bilanc - Build 007 Release 014 31.01.2020 - Software-update packages
are downloaded via unencrypted HTTP
===
Identifiers
-
CVE-2020-11718
Vendor
--
11 matches
Mail list logo