13 matches found
EUVD-2017-9137
Malware in sbrugna...
EUVD-2017-9133
Malware in sbrugna...
Biometric Shift Employee Management System Cross-Site Scripting Vulnerability
Biometric Shift Employee Management System is an employee management system. A cross-site scripting vulnerability exists in Biometric Shift Employee Management System. The vulnerability can be exploited via the index.php holidayname parameter in the editholiday operation...
Biometric Shift Employee Management System Cross-Site Scripting Vulnerability (CNVD-2018-01399)
Biometric Shift Employee Management System is an employee management system. A cross-site scripting vulnerability exists in Biometric Shift Employee Management System. The vulnerability can be exploited to conduct a cross-site scripting attack via the expensename parameter in the...
Biometric Shift Employee Management System Cross-Site Scripting Vulnerability (CNVD-2018-01396)
Biometric Shift Employee Management System is an employee management system. A cross-site scripting vulnerability exists in Biometric Shift Employee Management System. The vulnerability can be exploited to conduct cross-site scripting attacks via the criteria parameter in the...
Biometric Shift Employee Management System Arbitrary File Download Vulnerability
Biometric Shift Employee Management System is an employee management system. An arbitrary file download vulnerability exists in Biometric Shift Employee Management System. An attacker can download arbitrary files via a directory traversal sequence in the index.php formfilename parameter of the...
Biometric Shift Employee Management System Cross-Site Request Forgery Vulnerability
Biometric Shift Employee Management System is an employee management system. A cross-site request forgery vulnerability exists in Biometric Shift Employee Management System. The vulnerability can be exploited to conduct cross-site request forgery attacks via index.php in the editholiday operation...
CVE-2017-17995
Biometric Shift Employee Management System has XSS via the LastName parameter in an index.php?user=ajax request...
Server side request forgery (ssrf)
Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competencycriteria request...
CVE-2017-17990
Biometric Shift Employee Management System has CSRF via index.php in an editholiday action...
CVE-2017-17993
Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=additiondeduction request...
CVE-2017-17994
Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competencycriteria request...
Biometric Shift Employee Management System 3.0 Local File Disclosure
Exploit Title: Biometric Shift Employee Management System 3.0 - Local File Download Dork: N/A Date: 24.12.2017 Vendor Homepage: https://www.shiftsystems.net/ Software Link: https://codecanyon.net/item/white-label-shift-employee-management-system/21061908 Version: 3.0 Category: Webapps Tested on:...