3 matches found
CVE-2022-28016
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\deductionedit.php...
CVE-2022-28016
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\deductionedit.php...
CVE-2022-28016
Attendance and Payroll System v1.0 contains a SQL injection vulnerability in the admin\deduction_edit.php component. The root cause, as described by CNVD and other sources, is lack of input validation for external SQL statements, allowing an attacker to execute arbitrary SQL and potentially acces...