CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Biometric Shift Employee Management System is an employee management system. A cross-site scripting vulnerability exists in Biometric Shift Employee Management System. The vulnerability can be exploited to conduct a cross-site scripting attack via the expensename parameter in the...

5.4CVSS6.3AI score0.00206EPSS

Exploits1References1

CNVD•added 2018/01/02 12:0 a.m.•1 views

Biometric Shift Employee Management System Cross-Site Scripting Vulnerability

Biometric Shift Employee Management System is an employee management system. A cross-site scripting vulnerability exists in Biometric Shift Employee Management System. The vulnerability can be exploited via the index.php holidayname parameter in the editholiday operation...

5.4CVSS6.4AI score0.00206EPSS

Exploits1References1

CNVD•added 2018/01/02 12:0 a.m.•1 views

Biometric Shift Employee Management System Cross-Site Scripting Vulnerability (CNVD-2018-01395)

Biometric Shift Employee Management System is an employee management system. A cross-site scripting vulnerability exists in Biometric Shift Employee Management System. The vulnerability can be exploited via the LastName parameter in the index.php?user=ajax request...

5.4CVSS6.4AI score0.00206EPSS

Exploits1References1

CNVD•added 2018/01/02 12:0 a.m.•1 views

Biometric Shift Employee Management System Arbitrary File Download Vulnerability

Biometric Shift Employee Management System is an employee management system. An arbitrary file download vulnerability exists in Biometric Shift Employee Management System. An attacker can download arbitrary files via a directory traversal sequence in the index.php formfilename parameter of the...

9.8CVSS7.1AI score0.00793EPSS

Exploits1References1

CNVD•added 2018/01/02 12:0 a.m.•1 views

Biometric Shift Employee Management System Cross-Site Scripting Vulnerability (CNVD-2018-01396)

Biometric Shift Employee Management System is an employee management system. A cross-site scripting vulnerability exists in Biometric Shift Employee Management System. The vulnerability can be exploited to conduct cross-site scripting attacks via the criteria parameter in the...

5.4CVSS6.3AI score0.00206EPSS

Exploits1References1

CNVD•added 2018/01/02 12:0 a.m.•1 views

Biometric Shift Employee Management System Cross-Site Request Forgery Vulnerability

Biometric Shift Employee Management System is an employee management system. A cross-site request forgery vulnerability exists in Biometric Shift Employee Management System. The vulnerability can be exploited to conduct cross-site request forgery attacks via index.php in the editholiday operation...

8.8CVSS6.9AI score0.00134EPSS

Exploits1References1

CNVD•added 2018/01/02 12:0 a.m.•2 views

Biometric Shift Employee Management System Cross-Site Scripting Vulnerability (CNVD-2018-01397)

Biometric Shift Employee Management System is an employee management system. A cross-site scripting vulnerability exists in Biometric Shift Employee Management System. The vulnerability can be exploited via the amount parameter in the index.php?user=additiondeduction request...

5.4CVSS6.4AI score0.00206EPSS

Exploits1References1

OSV•added 2017/12/30 4:29 a.m.•0 views

CVE-2017-17989

Biometric Shift Employee Management System has XSS via the index.php holidayname parameter in an editholiday action...

5.4CVSS5.8AI score0.00206EPSS

Exploits1References1

NVD•added 2017/12/30 4:29 a.m.•11 views

CVE-2017-17995

Biometric Shift Employee Management System has XSS via the LastName parameter in an index.php?user=ajax request...

5.4CVSS5.3AI score0.00206EPSS

Exploits1References1

Prion•added 2017/12/30 4:29 a.m.•11 views

Directory traversal

Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php formfilename parameter in a downloadform action...

5CVSS9.3AI score0.00793EPSS

Exploits1References1Affected Software1

OSV•added 2017/12/30 4:29 a.m.•3 views

CVE-2017-17995

Biometric Shift Employee Management System has XSS via the LastName parameter in an index.php?user=ajax request...

5.4CVSS5.8AI score0.00206EPSS

Exploits1References1

NVD•added 2017/12/30 4:29 a.m.•13 views

CVE-2017-17993

Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=additiondeduction request...

5.4CVSS5.3AI score0.00206EPSS

Exploits1References1