CVE-2026-7116 code-projects Employee Management System mark.php cross site scripting

A security flaw has been discovered in code-projects Employee Management System 1.0. This issue affects some unknown processing of the file 370project/mark.php. Performing a manipulation results in cross site scripting. Remote exploitation of the attack is possible. The exploit has been released ...

CVE-2026-7114

The vulnerability affects code-projects Employee Management System 1.0, specifically the file 370project/edit.php. An attacker can manipulate the argument ID to trigger an SQL injection, with remote exploitability. Public disclosure of the exploit is noted. No remediation or patch details are pro...

CVE-2026-7095 code-projects Employee Management System edit.php cross site scripting

A vulnerability was identified in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. The manipulation of the argument ID leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and...

EUVD-2021-32998

Malicious code in bioql PyPI...

EUVD-2024-47030

Malicious code in bioql PyPI...

Rems Employee Management System 安全漏洞

Rems Employee Management System is an employee management system from Rems, Inc. A security vulnerability exists in Rems Employee Management System version 1.0, which originates from the injection of a malicious payload into the department name field and could lead to a clickjacking attack...

CVE-2025-7127

A vulnerability, which was classified as critical, was found in itsourcecode Employee Management System up to 1.0. This affects an unknown part of the file /admin/changepassword.php. The manipulation of the argument currentpassword leads to sql injection. It is possible to initiate the attack...

CVE-2025-1167

A vulnerability was found in Mayuri K Employee Management System up to 192.168.70.3 and classified as critical. Affected by this issue is some unknown functionality of the file /hrsoft/admin/UpdateUser.php. The manipulation of the argument id leads to sql injection. The attack may be launched...

CVE-2024-5896

A vulnerability, which was classified as critical, was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Affected is the function saveusers of the file /classes/Users.php?f=save. The manipulation of the argument id leads to sql injection. It is possible to launch the atta...

SourceCodester Best Employee Management System 安全漏洞

SourceCodester Best Employee Management System is a SourceCodester open source employee management system. A security vulnerability exists in SourceCodester Best Employee Management System version 1.0, which originates from an unrestricted file upload vulnerability in the websiteimage parameter i...

Employee and Visitor Gate Pass Logging System SQL Injection Vulnerability

Employee and Visitor Gate Pass Logging System is an employee and visitor pass logging system developed by Carlo Montero, an individual developer. An SQL injection vulnerability exists in Employee and Visitor Gate Pass Logging System version 1.0, which stems from a parameter id in the file...

Employee and Visitor Gate Pass Logging System SQL Injection Vulnerability

Employee and Visitor Gate Pass Logging System is an employee and visitor pass logging system developed by Carlo Montero. An SQL injection vulnerability exists in Employee and Visitor Gate Pass Logging System version 1.0, which is caused by an unknown part of the saveusers function in...

SourceCodester Employee Management System SQL Injection Vulnerability

SourceCodester Employee Management System is a php-based website builder for employee performance management from SourceCodester. A SQL injection vulnerability exists in SourceCodester Employee Management System version 1.0, which is caused by a sql injection vulnerability in the txtfullname...

CVE-2017-17994

Biometric Shift Employee Management System has an XSS vulnerability in the criteria parameter accessible via index.php?user=competency_criteria. The issue is a cross-site scripting flaw described in CNVD-2018-01396 and corroborated by related records, allowing injected scripts to be executed in a...