CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/06/12 12:0 a.m.•10 views

PT-2026-49000

Name of the Vulnerable Software and Affected Versions CodeAstro Human Resource Management System version 1.0 Description An SQL injection issue exists within the Payroll Invoice Module. The flaw is located in the Invoice function of the applicationcontrollersPayroll.php file, where improper...

6.5CVSS6.6AI score0.0025EPSS

Exploits0References8

Positive Technologies•added 2026/06/12 12:0 a.m.•9 views

PT-2026-48975

Name of the Vulnerable Software and Affected Versions CodeAstro Human Resource Management System version 1.0 Description A security flaw in the Projects Management Page component allows for remote cross-site scripting XSS, which is a technique where malicious scripts are injected into trusted...

5.1CVSS4.5AI score0.00203EPSS

Exploits0References9

Positive Technologies•added 2026/06/12 12:0 a.m.•8 views

PT-2026-48974

Name of the Vulnerable Software and Affected Versions CodeAstro Human Resource Management System version 1.0 Description Cross site scripting can be triggered remotely via the manipulation of the todo data argument within the '/dashboard/add tod' endpoint of the Dashboard Interface component...

5.1CVSS4.7AI score0.00203EPSS

Exploits0References9

RedhatCVE•added 2026/06/09 8:59 a.m.•11 views

CVE-2026-11491

A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Impacted is an unknown function of the file /notice/Allnotice of the component Notice Board Management. Such manipulation of the argument Notice Title with the input as part of POST leads to cross site scripting. It...

4.8CVSS3.7AI score0.00223EPSS

EUVD•added 2026/06/08 5:15 a.m.•10 views

EUVD-2026-35022

4.8CVSS3.6AI score0.00223EPSS

CNNVD•added 2026/06/08 12:0 a.m.•7 views

CodeAstro Human Resource Management System 跨站脚本漏洞

The CodeAstro Human Resource Management System is a human resource management system developed by CodeAstro Corporation. Version 1.0 of the CodeAstro Human Resource Management System has a cross-site scripting vulnerability. This vulnerability stems from incorrect handling of the Notice Title...

4.8CVSS4.3AI score0.00223EPSS

RedhatCVE•added 2026/06/05 7:48 p.m.•9 views

CVE-2026-10624

A vulnerability has been found in SourceCodester Human Resource Management 1.0. Affected by this vulnerability is an unknown functionality of the file /detailview.php of the component Employee View Page. Such manipulation of the argument employeeid leads to improper control of resource identifier...

5.3CVSS5AI score0.00242EPSS

ATTACKERKB•added 2026/06/02 8:30 p.m.•6 views

CVE-2026-10624

Exploits0References6Affected Software1

EUVD•added 2026/06/02 8:30 p.m.•11 views

EUVD-2026-34024

Vulnrichment•added 2026/06/02 8:30 p.m.•8 views

CVE-2026-10624 SourceCodester Human Resource Management Employee View detailview.php resource injection

CVE•added 2026/06/02 8:30 p.m.•23 views

CVE-2026-10624

The vulnerability affects SourceCodester Human Resource Management 1.0, in the Employee View Page’s detailview.php. Manipulating the employeeid parameter leads to improper control of resource identifiers (an IDOR-style issue). Exploitation can be performed remotely, and public disclosure of the e...

ATTACKERKB•added 2026/06/02 2:1 p.m.•9 views

CVE-2026-27351

Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...

5.4CVSS5.8AI score0.00165EPSS

Exploits0References2

CNNVD•added 2026/06/02 12:0 a.m.•4 views

SourceCodester Human Resource Management 安全漏洞

SourceCodester Human Resource Management is an open-source human resource management system developed by SourceCodester. Version 1.0 of SourceCodester Human Resource Management contains a security vulnerability. This vulnerability stems from the handling of the parameter employeeid in the Employe...

Positive Technologies•added 2026/06/02 12:0 a.m.•12 views

PT-2026-45853

Name of the Vulnerable Software and Affected Versions SourceCodester Human Resource Management version 1.0 Description An issue exists in the Employee View Page component within the '/detailview.php' endpoint. Remote manipulation of the employeeid argument leads to improper control of resource...

5.3CVSS5.7AI score0.00242EPSS

Exploits0References10

NVD•added 2026/04/21 7:16 p.m.•7 views

CVE-2026-40865

Horilla is a free and open source Human Resource Management System HRMS. In 1.5.0, an insecure direct object reference in the employee document viewer allows any authenticated user to access other employees’ uploaded documents by changing the document ID in the request. This exposes sensitive HR...

7.1CVSS0.0014EPSS