Lucene search
K

18 matches found

EUVD
EUVD
added 2026/06/02 8:30 p.m.12 views

EUVD-2026-34024

A vulnerability has been found in SourceCodester Human Resource Management 1.0. Affected by this vulnerability is an unknown functionality of the file /detailview.php of the component Employee View Page. Such manipulation of the argument employeeid leads to improper control of resource identifier...

5.3CVSS5.3AI score0.00242EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/02 8:30 p.m.49 views

CVE-2026-10624 SourceCodester Human Resource Management Employee View detailview.php resource injection

A vulnerability has been found in SourceCodester Human Resource Management 1.0. Affected by this vulnerability is an unknown functionality of the file /detailview.php of the component Employee View Page. Such manipulation of the argument employeeid leads to improper control of resource identifier...

5.3CVSS0.00242EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/02 8:30 p.m.8 views

CVE-2026-10624

A vulnerability has been found in SourceCodester Human Resource Management 1.0. Affected by this vulnerability is an unknown functionality of the file /detailview.php of the component Employee View Page. Such manipulation of the argument employeeid leads to improper control of resource identifier...

5.3CVSS5.3AI score0.00242EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/06/02 8:30 p.m.28 views

CVE-2026-10624

The vulnerability affects SourceCodester Human Resource Management 1.0, in the Employee View Page’s detailview.php. Manipulating the employeeid parameter leads to improper control of resource identifiers (an IDOR-style issue). Exploitation can be performed remotely, and public disclosure of the e...

5.3CVSS5.3AI score0.00242EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.14 views

PT-2026-45853

Name of the Vulnerable Software and Affected Versions SourceCodester Human Resource Management version 1.0 Description An issue exists in the Employee View Page component within the '/detailview.php' endpoint. Remote manipulation of the employeeid argument leads to improper control of resource...

5.3CVSS5.7AI score0.00242EPSS
Exploits0References10
NVD
NVD
added 2026/04/05 9:16 p.m.5 views

CVE-2019-25664

SuiteCRM 7.10.7 contains a time-based SQL injection vulnerability in the record parameter of the Users module DetailView action that allows authenticated attackers to manipulate database queries. Attackers can append SQL code to the record parameter in GET requests to the index.php endpoint to...

7.1CVSS0.00342EPSS
Exploits1References4
CVE
CVE
added 2026/04/05 8:45 p.m.9 views

CVE-2019-25664

CVE-2019-25664 affects SuiteCRM 7.10.7. A time-based SQL injection exists in the Records parameter of the Users module DetailView, enabling authenticated attackers to influence database queries by appending SQL to the record parameter in GET requests to index.php. This can be used to extract sens...

7.1CVSS6AI score0.00342EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/05 8:45 p.m.4 views

CVE-2019-25664

SuiteCRM 7.10.7 contains a time-based SQL injection vulnerability in the record parameter of the Users module DetailView action that allows authenticated attackers to manipulate database queries. Attackers can append SQL code to the record parameter in GET requests to the index.php endpoint to...

7.1CVSS6AI score0.00342EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.8 views

SuiteCRM SQL注入漏洞

SuiteCRM is a customer relationship management system developed by the SuiteCRM team. Version 7.10.7 of SuiteCRM has a SQL injection vulnerability. This vulnerability stems from the record parameter in the DetailView operation of the Users module, which involves time-based SQL injections. This...

7.1CVSS5.9AI score0.00342EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.8 views

PT-2026-30473

SuiteCRM 7.10.7 contains a time-based SQL injection vulnerability in the record parameter of the Users module DetailView action that allows authenticated attackers to manipulate database queries. Attackers can append SQL code to the record parameter in GET requests to the index.php endpoint to...

7.1CVSS6AI score0.00342EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2004-1222

Malware in sbrugna...

10CVSS6.4AI score0.0176EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-3582

Malware in sbrugna...

5.5CVSS6.4AI score0.00966EPSS
Exploits0References5
OSV
OSV
added 2025/07/29 1:15 p.m.1 views

CVE-2025-40686

Reflected Cross-Site Scripting XSS in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the 'employeeid' parameter in/detailview.php...

6.1CVSS5.9AI score0.00167EPSS
Exploits0References1
OSV
OSV
added 2023/06/23 4:15 p.m.4 views

CVE-2023-3391

A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file detailview.php. The manipulation of the argument employeeid leads to sql injection. The attack can be initiated remotely. The...

9.8CVSS5.7AI score0.00743EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/06/23 12:0 a.m.6 views

PT-2023-24560 · Sourcecodester · Sourcecodester Human Resource Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Human Resource Management System version 1.0 Description: A critical issue has been found in the SourceCodester Human Resource Management System. The problem affects the file detailview.php, where the manipulation of the...

9.8CVSS8.1AI score0.00743EPSS
Exploits1References5
myhack58
myhack58
added 2017/09/25 12:0 a.m.56 views

SugarCRM new vulnerability is reproducible,a hacker attacker or can remote steal customer information data-vulnerability warning-the black bar safety net

SugarCRM audit a variety of network security achievements SugarCRM is more than a hotspot a customer relationship governance check-in Solution, and SugarCRM now important to have two major versions, that is necessary to pay the trade Edition and open source Community Edition, the eras of all ther...

8AI score
Exploits0
NVD
NVD
added 2005/11/26 2:3 a.m.18 views

CVE-2005-3818

Multiple cross-site scripting XSS vulnerabilities in vTiger CRM 4.2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 various input fields, including the contact, lead, and first or last name fields, 2 the record parameter in a DetailView action in the Leads module f...

4.3CVSS5.8AI score0.05084EPSS
Exploits1References12
Cvelist
Cvelist
added 2004/12/15 5:0 a.m.20 views

CVE-2004-1225

SQL injection vulnerability in SugarCRM Sugar Sales before 2.0.1a allows remote attackers to execute arbitrary SQL commands and gain privileges via the record parameter in a DetailView action to index.php, and record parameters in other functionality...

8.5AI score0.0176EPSS
Exploits1References4
Rows per page
Query Builder