CVE-2026-12131 CodeAstro Human Resource Management System Payroll Invoice Payroll.php sql injection

A weakness has been identified in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function Invoice of the file \application\controllers\Payroll.php of the component Payroll Invoice Module. This manipulation of the argument ID causes sql injection. Remote exploitatio...

CVE-2025-13421

A security vulnerability has been detected in itsourcecode Human Resource Management System 1.0. Impacted is an unknown function of the file /src/store/NoticeStore.php. Such manipulation of the argument noticeDesc leads to sql injection. The attack can be launched remotely. The exploit has been...

EUVD-2024-32002

Malicious code in bioql PyPI...

EUVD-2025-26308

Malicious code in bioql PyPI...

EUVD-2025-25774

Malicious code in bioql PyPI...

EUVD-2025-26305

Malicious code in bioql PyPI...

EUVD-2025-28884

Malicious code in bioql PyPI...

EUVD-2025-25831

Malicious code in bioql PyPI...

CVE-2025-56293

code-projects Human Resource Integrated System 1.0 is vulnerable to Cross Site Scripting XSS in the Add Child Information section in the Childs Name field...

CVE-2025-56293

code-projects Human Resource Integrated System 1.0 is vulnerable to Cross Site Scripting XSS in the Add Child Information section in the Childs Name field...

PT-2025-37996

Name of the Vulnerable Software and Affected Versions: code-projects Human Resource Integrated System version 1.0 Description: The Human Resource Integrated System is susceptible to Cross Site Scripting XSS attacks. This issue affects the Add Child Information section, specifically within the...

CVE-2025-56293

code-projects Human Resource Integrated System 1.0 is vulnerable to Cross Site Scripting XSS in the Add Child Information section in the Childs Name field...

CVE-2025-56293

The CVE-2025-56293 entry concerns code-projects Human Resource Integrated System 1.0, where a Cross Site Scripting (XSS) vulnerability exists in the Add Child Information section via the Childs Name field. The root cause is insufficient input validation/sanitization in that field, enabling script...

CVE-2025-9743

A security flaw has been discovered in code-projects Human Resource Integrated System 1.0. Impacted is an unknown function of the file loginattendance2.php. Performing manipulation of the argument employeeid/date results in sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-9741

A vulnerability was determined in code-projects Human Resource Integrated System 1.0. This vulnerability affects unknown code of the file /loginquery12.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

CVE-2025-9733

A security flaw has been discovered in code-projects Human Resource Integrated System 1.0. This impacts an unknown function of the file /logintimeee.php. Performing manipulation of the argument empid results in sql injection. The attack may be initiated remotely. The exploit has been released to...

Human Resource Integrated System log_query.php File SQL Injection Vulnerability

Human Resource Integrated System is a human resource management system. Human Resource Integrated System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter ID of the file /logquery.php. An attacker can exploit...

Human Resource Integrated System login.php File SQL Injection Vulnerability

Human Resource Integrated System is a human resource management system. Human Resource Integrated System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter user/pass in the file /login.php. An attacker can...

Human Resource Integrated System login_attendance2.php File SQL Injection Vulnerability

Human Resource Integrated System is a human resource management system. Human Resource Integrated System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter employeeid/date in the file loginattendance2.php. A...

CVE-2025-9743 code-projects Human Resource Integrated System login_attendance2.php sql injection

A security flaw has been discovered in code-projects Human Resource Integrated System 1.0. Impacted is an unknown function of the file loginattendance2.php. Performing manipulation of the argument employeeid/date results in sql injection. The attack can be initiated remotely. The exploit has been...