3490 matches found
Sql injection
A vulnerability was found in code-projects Human Resource Integrated System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file updatepersonalinfo.php. The manipulation of the argument sex leads to sql injection. The attack may be launched remotely. Th...
Sql injection
A vulnerability was found in code-projects Human Resource Integrated System 1.0. It has been classified as critical. This affects an unknown part of the file /adminroute/incservicecredits.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack...
Sql injection
A vulnerability was found in code-projects Human Resource Integrated System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /adminroute/decservicecredits.php. The manipulation of the argument date leads to sql injection. The attack can be initiated...
CVE-2024-0471 code-projects Human Resource Integrated System dec_service_credits.php sql injection
A vulnerability was found in code-projects Human Resource Integrated System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /adminroute/decservicecredits.php. The manipulation of the argument date leads to sql injection. The attack can be initiated...
CVE-2024-0471
CVE-2024-0471 affects code-projects Human Resource Integrated System 1.0 in the /admin_route/dec_service_credits.php file. The root cause is manipulation of the date parameter that enables SQL injection. This vulnerability has been described as critical and is exploitable remotely, with public di...
CVE-2024-0470 code-projects Human Resource Integrated System inc_service_credits.php sql injection
A vulnerability was found in code-projects Human Resource Integrated System 1.0. It has been classified as critical. This affects an unknown part of the file /adminroute/incservicecredits.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack...
CVE-2024-0470 code-projects Human Resource Integrated System inc_service_credits.php sql injection
A vulnerability was found in code-projects Human Resource Integrated System 1.0. It has been classified as critical. This affects an unknown part of the file /adminroute/incservicecredits.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack...
CVE-2024-0469 code-projects Human Resource Integrated System update_personal_info.php sql injection
A vulnerability was found in code-projects Human Resource Integrated System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file updatepersonalinfo.php. The manipulation of the argument sex leads to sql injection. The attack may be launched remotely. Th...
CVE-2024-0469 code-projects Human Resource Integrated System update_personal_info.php sql injection
A vulnerability was found in code-projects Human Resource Integrated System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file updatepersonalinfo.php. The manipulation of the argument sex leads to sql injection. The attack may be launched remotely. Th...
CVE-2024-0468 code-projects Fighting Cock Information System new-father.php unrestricted upload
A vulnerability has been found in code-projects Fighting Cock Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/action/new-father.php. The manipulation of the argument image leads to unrestricted upload. The attack can...
Cross site scripting
A vulnerability, which was classified as problematic, was found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file editpositionquery.php. The manipulation of the argument posname leads to cross site scripting. It is possible to launch the attack...
CVE-2024-0467 code-projects Employee Profile Management System edit_position_query.php cross site scripting
A vulnerability, which was classified as problematic, was found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file editpositionquery.php. The manipulation of the argument posname leads to cross site scripting. It is possible to launch the attack...
CVE-2024-0465
A vulnerability classified as problematic was found in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file download.php. The manipulation of the argument downloadfile leads to path traversal: '../filedir'. The exploit has been disclosed to the...
Sql injection
A vulnerability classified as critical has been found in code-projects Online Faculty Clearance 1.0. This affects an unknown part of the file deletefaculty.php of the component HTTP GET Request Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the...
Sql injection
A vulnerability, which was classified as critical, has been found in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file filetable.php. The manipulation of the argument perid leads to sql injection. The exploit has been disclosed to the...
CVE-2024-0466 code-projects Employee Profile Management System file_table.php sql injection
A vulnerability, which was classified as critical, has been found in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file filetable.php. The manipulation of the argument perid leads to sql injection. The exploit has been disclosed to the...
CVE-2024-0466
The CVE-2024-0466 entry covers code-projects Employee Profile Management System 1.0 with a SQL injection in file_table.php via the per_id argument. Root cause: unsafely processed per_id leads to injection risk. Impact: potential unauthorized data access/modify across the application (as described...
CVE-2024-0465 code-projects Employee Profile Management System download.php path traversal
A vulnerability classified as problematic was found in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file download.php. The manipulation of the argument downloadfile leads to path traversal: '../filedir'. The exploit has been disclosed to the...
CVE-2024-0465
CVE-2024-0465 affects code-projects Employee Profile Management System 1.0, with the vulnerable path in the file download.php . The vulnerability stems from manipulating the download_file argument, enabling a path traversal to “../filedir”. Public disclosure of the exploit is noted. Several conne...
CVE-2024-0464
CVE-2024-0464 affects code-projects Online Faculty Clearance 1.0. The vulnerability is in the HTTP GET Request Handler, specifically the delete_faculty.php file, where manipulating the id argument leads to an SQL injection. The issue enables remote exploitation and has been disclosed publicly. Mu...