CVE-2026-12130 CodeAstro Human Resource Management System Projects Management Add_Projects cross site scripting

A security flaw has been discovered in CodeAstro Human Resource Management System 1.0. This affects an unknown part of the file /Projects/AddProjects of the component Projects Management Page. The manipulation of the argument protitle results in cross site scripting. The attack may be launched...

CVE-2026-12130

CodeAstro Human Resource Management System 1.0 is affected in the Projects Management Page (file /Projects/Add_Projects). The vulnerability is a stored/reflected cross-site scripting described as caused by manipulation of the protitle argument. The attack can be launched remotely and an exploit h...

CVE-2013-5748

Cross-site request forgery CSRF vulnerability in management/prioritizeplanning.php in SimpleRisk before 20130916-001 allows remote attackers to hijack the authentication of users for requests that add projects via an addproject action...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in management/prioritizeplanning.php in SimpleRisk before 20130916-001 allows remote attackers to hijack the authentication of users for requests that add projects via an addproject action...

CVE-2013-5748

Cross-site request forgery CSRF vulnerability in management/prioritizeplanning.php in SimpleRisk before 20130916-001 allows remote attackers to hijack the authentication of users for requests that add projects via an addproject action...