Payroll Security Vulnerabilities


CVE-2024-5898

A vulnerability was found in itsourcecode Payroll Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file print_payroll.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has...

6.3 CVSS

6.8 AI Score

0.0004 EPSS

2024-06-12 05:15 PM
22

CVE-2023-1851

A vulnerability classified as problematic has been found in SourceCodester Online Payroll System 1.0. This affects an unknown part of the file /admin/employee_add.php. The manipulation of the argument of leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has....

6.1 CVSS

5.9 AI Score

0.001 EPSS

2023-04-05 08:15 AM
16

CVE-2023-1853

A vulnerability, which was classified as problematic, has been found in SourceCodester Online Payroll System 1.0. This issue affects some unknown processing of the file /admin/employee_edit.php. The manipulation of the argument of leads to cross site scripting. The attack may be initiated...

6.1 CVSS

6 AI Score

0.001 EPSS

2023-04-05 08:15 AM
14

CVE-2023-1849

A vulnerability was found in SourceCodester Online Payroll System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/cashadvance_row.php. The manipulation of the argument id leads to sql injection. The attack can be launched...

9.8 CVSS

9.7 AI Score

0.005 EPSS

2023-04-05 08:15 AM
16

CVE-2023-1850

A vulnerability was found in SourceCodester Online Payroll System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/login.php. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The...

9.8 CVSS

9.6 AI Score

0.005 EPSS

2023-04-05 08:15 AM
17

CVE-2023-1852

A vulnerability classified as problematic was found in SourceCodester Online Payroll System 1.0. This vulnerability affects unknown code of the file /admin/deduction_edit.php. The manipulation of the argument description leads to cross site scripting. The attack can be initiated remotely. The...

6.1 CVSS

6 AI Score

0.001 EPSS

2023-04-05 08:15 AM
17

CVE-2023-1847

A vulnerability was found in SourceCodester Online Payroll System 1.0 and classified as critical. This issue affects some unknown processing of the file attendance.php. The manipulation of the argument employee leads to sql injection. The attack may be initiated remotely. The exploit has been...

9.8 CVSS

9.8 AI Score

0.005 EPSS

2023-04-05 07:15 AM
48

CVE-2023-1846

A vulnerability has been found in SourceCodester Online Payroll System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/deduction_row.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has...

9.8 CVSS

9.7 AI Score

0.005 EPSS

2023-04-05 07:15 AM
54

CVE-2023-1848

A vulnerability was found in SourceCodester Online Payroll System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/attendance_row.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit...

9.8 CVSS

9.8 AI Score

0.005 EPSS

2023-04-05 07:15 AM
16

CVE-2023-1845

A vulnerability, which was classified as critical, was found in SourceCodester Online Payroll System 1.0. This affects an unknown part of the file /admin/employee_row.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

9.8 CVSS

9.7 AI Score

0.005 EPSS

2023-04-05 07:15 AM
54

CVE-2023-1113

A vulnerability was found in SourceCodester Simple Payroll System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file admin/?page=admin of the component POST Parameter Handler. The manipulation of the argument fullname leads to cross...

4.8 CVSS

4.9 AI Score

0.001 EPSS

2023-03-01 10:15 AM
23

CVE-2014-8662

Unspecified vulnerability in SAP Payroll Process allows remote attackers to cause a denial of service via vectors related to session...

6.7 AI Score

0.002 EPSS

2022-10-03 04:20 PM
24

CVE-2022-28015

Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2022-04-21 08:15 PM
34

CVE-2022-28020

Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2022-04-21 08:15 PM
47

CVE-2022-28009

Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2022-04-21 08:15 PM
35

CVE-2022-28010

Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2022-04-21 08:15 PM
45

CVE-2022-28017

Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2022-04-21 08:15 PM
34

CVE-2022-28008

Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2022-04-21 08:15 PM
51

CVE-2022-28012

Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2022-04-21 08:15 PM
48

CVE-2022-28013

Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2022-04-21 08:15 PM
51

CVE-2022-28018

Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2022-04-21 08:15 PM
47

CVE-2022-28011

Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2022-04-21 08:15 PM
49

CVE-2022-28016

Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2022-04-21 08:15 PM
44

CVE-2022-28007

Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2022-04-21 08:15 PM
47

CVE-2022-28014

Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2022-04-21 08:15 PM
46

CVE-2022-28019

Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2022-04-21 08:15 PM
42

CVE-2022-28006

Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component...

8.8 CVSS

8.9 AI Score

0.002 EPSS

2022-04-21 08:15 PM
46

CVE-2022-28468

Payroll Management System v1.0 was discovered to contain a SQL injection vulnerability via the username...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-04-05 08:15 PM
58

CVE-2021-44088

An SQL Injection vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows a remote attacker to bypass authentication via unsanitized login...

9.8 CVSS

9.8 AI Score

0.004 EPSS

2022-03-17 10:15 PM
62

CVE-2021-44087

A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows an unauthenticated remote attacker to upload a maliciously crafted PHP via photo...

9.8 CVSS

9.6 AI Score

0.035 EPSS

2022-03-17 10:15 PM
75

CVE-2021-42169

The Simple Payroll System with Dynamic Tax Bracket in PHP using SQLite Free Source Code (by: oretnom23 ) is vulnerable from remote SQL-Injection-Bypass-Authentication for the admin account. The parameter (username) from the login form is not protected correctly and there is no security and...

9.8 CVSS

9.6 AI Score

0.009 EPSS

2021-10-22 02:15 PM
40

CVE-2020-7387

Sage X3 Installation Pathname Disclosure. A specially crafted packet can elicit a response from the AdxDSrv.exe component that reveals the installation directory of the product. Note that this vulnerability can be combined with CVE-2020-7388 to achieve full RCE. This issue was fixed in AdxAdmin...

5.3 CVSS

6.4 AI Score

0.196 EPSS

2021-07-22 07:15 PM
81
4

CVE-2020-7388

Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By editing the client side authentication request, an attacker can bypass credential validation. While exploiting this does require knowledge of the installation path, that information can be learned by...

10 CVSS

7.5 AI Score

0.196 EPSS

2021-07-22 07:15 PM
61
4

CVE-2021-2259

Vulnerability in the Oracle Payables product of Oracle E-Business Suite (component: India Localization, Results). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

8.1 CVSS

8.2 AI Score

0.001 EPSS

2021-04-22 10:15 PM
36
5

CVE-2020-14778

Vulnerability in the PeopleSoft Enterprise HCM Global Payroll Core product of Oracle PeopleSoft (component: Security). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise HCM....

6.3 CVSS

5.9 AI Score

0.001 EPSS

2020-10-21 03:15 PM
18

CVE-2019-17359

The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in...

7.5 CVSS

8.1 AI Score

0.006 EPSS

2019-10-08 02:15 PM
142
2

CVE-2017-3592

Vulnerability in the Oracle Payables component of Oracle E-Business Suite (subcomponent: Self Service Manager). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows high privileged attacker with network access....

6.5 CVSS

6.7 AI Score

0.001 EPSS

2017-04-24 07:59 PM
21

CVE-2006-2983

PHP remote file inclusion vulnerability in Enterprise Timesheet and Payroll Systems (EPS) 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter in cal.php. NOTE: the provenance of this information is unknown; the details are obtained solely...

7.7 AI Score

0.007 EPSS

2006-06-13 01:02 AM
18

CVE-2006-2982

Multiple PHP remote file inclusion vulnerabilities in Enterprise Timesheet and Payroll Systems (EPS) 1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter in (1) footer.php and (2)...

8 AI Score

0.144 EPSS

2006-06-13 01:02 AM
19

CVE-2006-1050

Kwik-Pay Payroll 4.2.20, and possibly other versions, stores the KwikPay.mdb database file with insecure permissions, which allows local users to obtain sensitive information such as employment and payment data. NOTE: the provenance of this information is unknown; the details are obtained solely...

5.9 AI Score

0.0004 EPSS

2006-03-07 08:02 PM
28

CVE-2004-1094

Buffer overflow in InnerMedia DynaZip DUNZIP32.dll file version 5.00.03 and earlier allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, as demonstrated using (1) a .rjs (skin) file in RealPlayer 10 through RealPlayer 10.5 (6.0.12.1053), RealOne.....

7.5 AI Score

0.847 EPSS

2005-01-10 05:00 AM
30