Vulners
Lucene search
CVE-2025-4745
šļøĀ 16 May 2025Ā 04:00:07Reported byĀ VulDBTypeĀ 
Ā cvešĀ web.nvd.nist.govšĀ 22Ā Viewsš WEB
| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
 | CVE-2025-4745 | 16 May 202504:33 | ā | circl |
 | Code-Projects Employee Record System 代ē ę³Øå „ę¼ę“ | 16 May 202500:00 | ā | cnnvd |
 | Employee Record System current_employees.php file cross-site scripting vulnerability | 22 May 202500:00 | ā | cnvd |
 | CVE-2025-4745 code-projects Employee Record System current_employees.php cross site scripting | 16 May 202504:00 | ā | cvelist |
 | EUVD-2025-15400 | 3 Oct 202520:07 | ā | euvd |
 | CVE-2025-4745 | 16 May 202504:15 | ā | nvd |
 | PT-2025-21603 Ā· Unknown Ā· Code-Projects Employee Record System | 16 May 202500:00 | ā | ptsecurity |
 | CVE-2025-4745 | 18 May 202504:03 | ā | redhatcve |
 | CVE-2025-4745 code-projects Employee Record System current_employees.php cross site scripting | 16 May 202504:00 | ā | vulnrichment |
Node
[
{
"vendor": "code-projects",
"product": "Employee Record System",
"versions": [
{
"version": "1.0",
"status": "affected"
}
]
}
]| Source | Link |
|---|---|
| vuldb | www.vuldb.com/ |
| github | www.github.com/872323857/CVE/blob/main/employee-record-system-xss2.pdf |
| code-projects | www.code-projects.org/ |
| vuldb | www.vuldb.com/ |
| vuldb | www.vuldb.com/ |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| employeed_id | query param | current_employees.php | Cross-site scripting due to unsanitized input in employee fields (employeed_id/first_name/middle_name/last_name) in current_employees.php, exploitable remotely. | CWE-79,Ā CWE-94 |
| first_name | query param | current_employees.php | Cross-site scripting due to unsanitized input in employee fields (employeed_id/first_name/middle_name/last_name) in current_employees.php, exploitable remotely. | CWE-79,Ā CWE-94 |
| middle_name | query param | current_employees.php | Cross-site scripting due to unsanitized input in employee fields (employeed_id/first_name/middle_name/last_name) in current_employees.php, exploitable remotely. | CWE-79,Ā CWE-94 |
| last_name | query param | current_employees.php | Cross-site scripting due to unsanitized input in employee fields (employeed_id/first_name/middle_name/last_name) in current_employees.php, exploitable remotely. | CWE-79,Ā CWE-94 |
Data
Build on a solid foundation withĀ Vulners data
WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data
Api
Power your application withĀ Vulners API
The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access
App
Assess and manage vulnerabilities withĀ VulnersĀ tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
28 May 2025 15:21Current
6.2Medium risk
Vulners AI Score6.2
CVSS 3.13.5 - 5.4
CVSS 24
CVSS 45.1
CVSS 33.5
EPSS0.00157
SSVC