Lucene search
K

16 matches found

NVD
NVD
added 2026/06/19 6:16 p.m.11 views

CVE-2019-25758

Joomla! Component vBizz 1.0.7 contains an unrestricted file upload vulnerability that allows authenticated attackers to upload arbitrary PHP files by submitting malicious files through the profilepic parameter. Attackers can upload PHP files via POST requests to the employee view endpoint and...

8.8CVSS0.0067EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/19 5:35 p.m.4 views

CVE-2019-25758

Joomla! Component vBizz 1.0.7 contains an unrestricted file upload vulnerability that allows authenticated attackers to upload arbitrary PHP files by submitting malicious files through the profilepic parameter. Attackers can upload PHP files via POST requests to the employee view endpoint and...

8.8CVSS6.4AI score0.0067EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/06/19 5:35 p.m.5 views

EUVD-2019-20194

Joomla! Component vBizz 1.0.7 contains an unrestricted file upload vulnerability that allows authenticated attackers to upload arbitrary PHP files by submitting malicious files through the profilepic parameter. Attackers can upload PHP files via POST requests to the employee view endpoint and...

8.8CVSS6.4AI score0.0067EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.15 views

PT-2026-50994

Name of the Vulnerable Software and Affected Versions Joomla! Component vBizz version 1.0.7 Description An unrestricted file upload issue allows authenticated attackers to upload arbitrary PHP files. This is achieved by submitting malicious files through the profile pic parameter via POST request...

8.8CVSS6.4AI score0.0067EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/02 8:30 p.m.49 views

CVE-2026-10624 SourceCodester Human Resource Management Employee View detailview.php resource injection

A vulnerability has been found in SourceCodester Human Resource Management 1.0. Affected by this vulnerability is an unknown functionality of the file /detailview.php of the component Employee View Page. Such manipulation of the argument employeeid leads to improper control of resource identifier...

5.3CVSS0.00242EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/02 8:30 p.m.9 views

CVE-2026-10624 SourceCodester Human Resource Management Employee View detailview.php resource injection

A vulnerability has been found in SourceCodester Human Resource Management 1.0. Affected by this vulnerability is an unknown functionality of the file /detailview.php of the component Employee View Page. Such manipulation of the argument employeeid leads to improper control of resource identifier...

5.3CVSS5.3AI score0.00242EPSS
Exploits0References6
CVE
CVE
added 2026/06/02 8:30 p.m.28 views

CVE-2026-10624

The vulnerability affects SourceCodester Human Resource Management 1.0, in the Employee View Page’s detailview.php. Manipulating the employeeid parameter leads to improper control of resource identifiers (an IDOR-style issue). Exploitation can be performed remotely, and public disclosure of the e...

5.3CVSS5.3AI score0.00242EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.5 views

SourceCodester Human Resource Management 安全漏洞

SourceCodester Human Resource Management is an open-source human resource management system developed by SourceCodester. Version 1.0 of SourceCodester Human Resource Management contains a security vulnerability. This vulnerability stems from the handling of the parameter employeeid in the Employe...

5.3CVSS5.3AI score0.00242EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.14 views

PT-2026-45853

Name of the Vulnerable Software and Affected Versions SourceCodester Human Resource Management version 1.0 Description An issue exists in the Employee View Page component within the '/detailview.php' endpoint. Remote manipulation of the employeeid argument leads to improper control of resource...

5.3CVSS5.7AI score0.00242EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/04/16 12:0 a.m.7 views

CVE-2026-37347

SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/viewemployee.php...

9.1CVSS5.9AI score0.0032EPSS
Exploits0References2
NVD
NVD
added 2026/04/14 3:16 p.m.4 views

CVE-2026-37594

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfhattendance/admin/viewemployee.php...

2.7CVSS0.0019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:21 a.m.6 views

CVE-2022-46498

Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the docnumber parameter at hisadminviewsingleemployee.php...

2.7CVSS8.3AI score0.00443EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/12/03 6:15 p.m.3 views

CVE-2022-4279

A vulnerability classified as problematic has been found in SourceCodester Human Resource Management System 1.0. Affected is an unknown function of the file /hrm/employeeview.php. The manipulation of the argument search leads to cross site scripting. It is possible to launch the attack remotely...

6.1CVSS3.6AI score0.00511EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/12/03 6:15 p.m.5 views

CVE-2022-4279

A vulnerability classified as problematic has been found in SourceCodester Human Resource Management System 1.0. Affected is an unknown function of the file /hrm/employeeview.php. The manipulation of the argument search leads to cross site scripting. It is possible to launch the attack remotely...

6.1CVSS3.9AI score0.00511EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/12/03 12:0 a.m.4 views

PT-2022-26581 · Sourcecodester · Sourcecodester Human Resource Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Human Resource Management System version 1.0 Description: A problematic issue has been discovered, affecting an unknown function of the file /hrm/employeeview.php. The manipulation of the search argument leads to cross-site...

6.1CVSS6.1AI score0.00511EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/12/03 12:0 a.m.5 views

Human Resource Management System 跨站脚本漏洞

Human Resource Management System is a human resource management system by maverickosama Personal Developer. A security vulnerability exists in Human Resource Management System version 1.0, which stems from a problem with an unknown function in the file /hrm/employeeview.php, where manipulation of...

6.1CVSS5.4AI score0.00511EPSS
Exploits1References3
Rows per page
Query Builder