77 matches found
CVE-2022-38302
Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /maintenance/managedepartment.php...
SourceCodester Online Leave Management System 安全漏洞
SourceCodester Online Leave Management System is a SourceCodester open source online leave management system. A security vulnerability exists in SourceCodester Online Leave Management System version 1.0, which stems from an incorrect manipulation of the parameter employid in the file /reset.php,...
EUVD-2022-40896
Malicious code in bioql PyPI...
EUVD-2021-27770
Malicious code in bioql PyPI...
EUVD-2022-46224
Malicious code in bioql PyPI...
EUVD-2022-44582
Malicious code in bioql PyPI...
EUVD-2022-40895
Malicious code in bioql PyPI...
EUVD-2022-44559
Malicious code in bioql PyPI...
EUVD-2022-47934
Malicious code in bioql PyPI...
EUVD-2022-40894
Malicious code in bioql PyPI...
EUVD-2022-47933
Malicious code in bioql PyPI...
EUVD-2022-44178
Malicious code in bioql PyPI...
EUVD-2022-44176
Malicious code in bioql PyPI...
CVE-2022-41355
Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /leavesystem/classes/Master.php?f=deletedepartment...
CVE-2022-38304
Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /maintenance/manageleavetype.php...
CVE-2022-43179
Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /admin/?page=user/manageuser=...
CVE-2022-45008
Online Leave Management System v1.0 was discovered to contain a stored cross-site scripting XSS vulnerability in the component /leavesystem/admin/?page=maintenance/department. This vulnerability allows attackers to execute arbitrary web scripts or HTML via crafted payload injected into the Name...
CVE-2022-45009
Online Leave Management System v1.0 was discovered to contain an arbitrary file upload vulnerability at /leavesystem/classes/SystemSettings.php?f=updatesettings. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2021-40595
SQL injection vulnerability in Sourcecodester Online Leave Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter to /leavesystem/classes/Login.php...
CVE-2022-45008
Online Leave Management System v1.0 was discovered to contain a stored cross-site scripting XSS vulnerability in the component /leavesystem/admin/?page=maintenance/department. This vulnerability allows attackers to execute arbitrary web scripts or HTML via crafted payload injected into the Name...