Lucene search
+L

14 matches found

CVE
CVE
added 5 days ago15 views

CVE-2026-15478

IceHRM

6.5CVSS6.4AI score0.00192EPSS
Exploits0References5
CNVD
CNVD
added 2025/11/11 12:0 a.m.6 views

WordPress All in One Time Clock Lite plugin unauthorized access vulnerability

WordPress All in One Time Clock Lite plugin is a plugin for tracking employee attendance and supports clock-in record management for employees, volunteers and contractors. An unauthorized access vulnerability exists in WordPress All in One Time Clock Lite plugin, which stems from a lack of...

6.5CVSS6.8AI score0.00249EPSS
Exploits0References1
CNVD
CNVD
added 2025/10/24 12:0 a.m.4 views

WordPress All in One Time Clock Lite plugin unsafe direct object reference vulnerability

WordPress All in One Time Clock Lite plugin is a plugin for tracking employee attendance and supports employee/volunteer/contractor punch record management. The WordPress All in One Time Clock Lite plugin suffers from an insecure direct object reference vulnerability that stems from the applicati...

4.3CVSS6.8AI score0.00178EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.5 views

WordPress plugin All in One Time Clock Lite 安全漏洞

WordPress All in One Time Clock Lite plugin is a plugin for tracking employee attendance and supports employee/volunteer/contractor punch record management. The WordPress All in One Time Clock Lite plugin suffers from an insecure direct object reference vulnerability that stems from the applicati...

4.3CVSS6.8AI score0.00178EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-18521

Malicious code in bioql PyPI...

7.6CVSS7.6AI score0.00335EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-20228

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00454EPSS
Exploits1References5
CVE
CVE
added 2025/07/07 2:2 p.m.29 views

CVE-2025-7131

Campcodes Payroll Management System 1.0 is affected by a SQL injection in /ajax.php?action=save_employee_attendance via manipulation of the employee_id parameter. The vulnerability allows remote exploitation, with public disclosures noted. Root cause: improper handling of input in the save_employ...

9.8CVSS7.5AI score0.00454EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/07 12:0 a.m.10 views

PT-2025-28169 · Unknown · Campcodes Payroll Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Payroll Management System version 1.0 Description: A critical issue was found in the system, affecting an unknown functionality of the file /ajax.php?action=save employee attendance. The manipulation of the employee id argument lead...

9.8CVSS7.3AI score0.00454EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2025/06/19 3:20 p.m.7 views

CVE-2025-28972

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Suhas Surse WP Employee Attendance System wp-employee-attendance-system allows Blind SQL Injection.This issue affects WP Employee Attendance System: from n/a through = 3.5...

7.6CVSS5.9AI score0.00335EPSS
Exploits0References1
NVD
NVD
added 2025/06/17 3:15 p.m.6 views

CVE-2025-28972

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Suhas Surse WP Employee Attendance System wp-employee-attendance-system allows Blind SQL Injection.This issue affects WP Employee Attendance System: from n/a through = 3.5...

7.6CVSS0.00335EPSS
Exploits0References1
CVE
CVE
added 2025/06/17 3:1 p.m.16 views

CVE-2025-28972

CVE-2025-28972 is an SQL injection vulnerability in the WordPress plugin “WP Employee Attendance System” affecting version 3.5 and earlier. The described root cause is improper neutralization of special elements in SQL commands, enabling blind SQL injection. Public references indicate the issue i...

7.6CVSS5.9AI score0.00335EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/17 3:1 p.m.4 views

CVE-2025-28972 WordPress WP Employee Attendance System <= 3.5 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Suhas Surse WP Employee Attendance System allows Blind SQL Injection. This issue affects WP Employee Attendance System: from n/a through 3.5...

7.6CVSS7.8AI score0.00335EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/17 3:1 p.m.14 views

CVE-2025-28972 WordPress WP Employee Attendance System plugin <= 3.5 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Suhas Surse WP Employee Attendance System wp-employee-attendance-system allows Blind SQL Injection.This issue affects WP Employee Attendance System: from n/a through = 3.5...

7.6CVSS0.00335EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.35 views

ZKSoftware Biometric Attendence Managnmnet Hardware[MIPS] 2 - Improper Authentication

No description provided by source. Exploit Title: ZKSoftware Biometric Attendence managnmnet HardwareMIPS Improper Authentication. Date: 20-3-2010 Author: FB1H2S Software Link: http://www.esslindia.com/install/eTimeTrack.zip Version: V2 Tested on: category: Remote Code : Advisory ZKSoftware...

7.1AI score
Exploits0
Rows per page
Query Builder