75 matches found
Sql injection
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been classified as critical. Affected is an unknown function of the file editprofile.php. The manipulation of the argument txtfullname leads to sql injection. It is possible to launch the attack remotely. The explo...
CVE-2024-1007 SourceCodester Employee Management System edit_profile.php sql injection
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been classified as critical. Affected is an unknown function of the file editprofile.php. The manipulation of the argument txtfullname leads to sql injection. It is possible to launch the attack remotely. The explo...
CVE-2023-1796 SourceCodester Employee Payslip Generator Create News cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Employee Payslip Generator 1.0. Affected is an unknown function of the file /classes/Master.php?f=saveposition of the component Create News Handler. The manipulation of the argument name with the input alertdocument.cookie...
CVE-2023-1360
A vulnerability was found in SourceCodester Employee Payslip Generator with Sending Mail 1.2.0 and classified as critical. This issue affects some unknown processing of the file classes/Users.php?f=save of the component New User Creation. The manipulation of the argument username leads to sql...
Sql injection
A vulnerability was found in SourceCodester Employee Payslip Generator with Sending Mail 1.2.0 and classified as critical. This issue affects some unknown processing of the file classes/Users.php?f=save of the component New User Creation. The manipulation of the argument username leads to sql...
CVE-2023-0905
A vulnerability classified as critical has been found in SourceCodester Employee Task Management System 1.0. Affected is an unknown function of the file changePasswordForEmployee.php. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit has...
CVE-2023-0904
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file task-details.php. The manipulation of the argument taskid leads to sql injection. The attack may be initiated remotely. The exploi...
Sql injection
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file edit-task.php. The manipulation of the argument taskid leads to sql injection. The attack can be initiated remotely. The complexit...
CVE-2022-3121
A vulnerability was found in SourceCodester Online Employee Leave Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addemployee.php. The manipulation leads to cross-site request forgery. The attack can be...
Sql injection
A vulnerability was found in SourceCodester Employee Management System. It has been classified as critical. Affected is an unknown function of the file /process/eprocess.php. The manipulation of the argument mailuid/pwd leads to sql injection. It is possible to launch the attack remotely. The...
CVE-2022-2724 SourceCodester Employee Management System aprocess.php sql injection
A vulnerability was found in SourceCodester Employee Management System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /process/aprocess.php. The manipulation of the argument mailuid leads to sql injection. The attack can be launched...
Cross site scripting
Stored XSS in Add New Employee Form in Sourcecodester Employee Daily Task Management System 1.0 Allows Remote Attacker to Inject/Store Arbitrary Code via the Name Field...
CVE-2021-43712
CVE-2021-43712 corresponds to a Stored XSS vulnerability in Sourcecodester’s Employee Daily Task Management System v1.0, occurring in the Add New Employee Form Name field. The incident is described across multiple sources as enabling a remote attacker to inject/store arbitrary code via the Name f...
SourceCodester Employee and Visitor Gate Pass Logging System SQL注入漏洞
SourceCodester Employee and Visitor Gate Pass Logging System is a simple web-based employee and visitor pass logging system that provides companies with an automated platform to track or log the daily records of employees and visitors entering a company building or premises. A SQL injection...
CVE-2020-29215
A Cross Site Scripting in SourceCodester Employee Management System 1.0 allows the user to execute alert messages via /Employee Management System/addemp.php on admin account...