10 matches found
EUVD-2025-27192
Malicious code in bioql PyPI...
CVE-2025-10112
A weakness has been identified in itsourcecode Student Information Management System 1.0. The impacted element is an unknown function of the file /admin/modules/department/index.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The...
CVE-2025-10112
A weakness has been identified in itsourcecode Student Information Management System 1.0. The impacted element is an unknown function of the file /admin/modules/department/index.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The...
itsourcecode Student Information Management System 安全漏洞
itsourcecode Student Information Management System is an itsourcecode open source student information management system. A security vulnerability exists in itsourcecode Student Information Management System version 1.0, which is caused by a SQL injection due to incorrect manipulation of the...
CVE-2022-40435
Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting XSS vulnerability via adding new entries under the Departments and Designations module...
PT-2022-27363 · Unknown · Online Leave Management System
Name of the Vulnerable Software and Affected Versions: Online Leave Management System version 1.0 Description: The issue is related to a stored cross-site scripting XSS vulnerability. This vulnerability is located in the /leave system/admin/?page=maintenance/department component and allows...
CVE-2017-17057
There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The vulnerability exists due to insufficient filtration of user-supplied data in the 'Range' field of the 'Department' module in a Personnel Advanced Query. A remote attacker can execute arbitrary HTML and script code in the browse...
Cross site scripting
There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The vulnerability exists due to insufficient filtration of user-supplied data in the 'Range' field of the 'Department' module in a Personnel Advanced Query. A remote attacker can execute arbitrary HTML and script code in the browse...
CVE-2017-17057
There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The vulnerability exists due to insufficient filtration of user-supplied data in the 'Range' field of the 'Department' module in a Personnel Advanced Query. A remote attacker can execute arbitrary HTML and script code in the browse...
ZKTeco ZKTime Web Personnel Advanced Query Department Module Cross-Site Scripting Vulnerability
ZKTeco ZKTime Web is a time and attendance management system from ZKTeco, Inc.The Department module in Personnel Advanced Query is one of the departmental personnel advanced query modules. A cross-site scripting vulnerability exists in the Range field of the Department module in Personnel Advance...