Lucene search
K

14 matches found

CVE
CVE
added 5 days ago10 views

CVE-2026-9237

Summary: CVE-2026-9237 affects the WordPress plugin “Crew HRM” (Employee, Leave and Recruitment Management System). All versions up to 1.2.2 are vulnerable to an authorization bypass due to improper access verification. Authenticated users with subscriber-level access or higher can delete, archiv...

4.3CVSS6AI score0.00227EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/01/06 12:19 a.m.8 views

CVE-2025-67315

Cross Site Request Forgery vulnerability in Employee Leave Management System v.2.1 allows a remote attacker to escalate privileges via the manage-employee.php component...

5.4CVSS7.2AI score0.0007EPSS
Exploits0References1
OSV
OSV
added 2026/01/05 4:15 p.m.4 views

CVE-2025-67315

Cross Site Request Forgery vulnerability in Employee Leave Management System v.2.1 allows a remote attacker to escalate privileges via the manage-employee.php component...

5.4CVSS5.8AI score0.0007EPSS
Exploits0References2
NVD
NVD
added 2026/01/05 4:15 p.m.7 views

CVE-2025-67315

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

0.0007EPSS
Exploits0
EUVD
EUVD
added 2026/01/05 12:0 a.m.5 views

EUVD-2026-0808

Cross Site Request Forgery vulnerability in Employee Leave Management System v.2.1 allows a remote attacker to escalate privileges via the manage-employee.php component...

5.4CVSS6.7AI score0.0007EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/05 12:0 a.m.26 views

CVE-2025-67315

...

0.0007EPSS
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-42548

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00241EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:53 p.m.4 views

CVE-2022-3121

A vulnerability was found in SourceCodester Online Employee Leave Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addemployee.php. The manipulation leads to cross-site request forgery. The attack can be...

8.8CVSS6.9AI score0.00241EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2022/09/06 12:0 a.m.271 views

Online Employee Leave Management System 1.0 Cross Site Request Forgery

Exploit Title: Online Employee Leave Management System 1.0 - Cross-Site Request Forgery addemployee.php Date: 05/09/2022 Exploit Author: Amolo Hunters Software Link: https://www.sourcecodester.com/php/15374/online-employee-leave-management-system-php-free-source-code.html Version: 1.0 Tested on:...

7.4AI score
Exploits0
CNVD
CNVD
added 2022/09/06 12:0 a.m.38 views

Online Employee Leave Management System跨站请求伪造漏洞

Online Employee Leave Management System is an employee leave management system that provides an employee and management platform to efficiently manage leave departures and approvals. The vulnerability can be exploited by attackers to disguise user identity and send malicious requests...

8.8CVSS3.1AI score0.00241EPSS
Exploits0References1
Prion
Prion
added 2022/09/05 2:15 p.m.16 views

Cross site request forgery (csrf)

A vulnerability was found in SourceCodester Online Employee Leave Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addemployee.php. The manipulation leads to cross-site request forgery. The attack can be...

6.8CVSS8.6AI score0.00241EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/09/05 1:50 p.m.17 views

CVE-2022-3121 SourceCodester Online Employee Leave Management System addemployee.php cross-site request forgery

A vulnerability was found in SourceCodester Online Employee Leave Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addemployee.php. The manipulation leads to cross-site request forgery. The attack can be...

4.3CVSS8.9AI score0.00241EPSS
Exploits0References1
CVE
CVE
added 2022/09/05 1:50 p.m.57 views

CVE-2022-3121

CVE-2022-3121 affects SourceCodester Online Employee Leave Management System 1.0. The vulnerability concerns an unknown functionality in /admin/addemployee.php, where manipulation leads to cross-site request forgery (CSRF) that can be exploited remotely. Multiple connected sources (Red Hat, CVE r...

8.8CVSS6.4AI score0.00241EPSS
Exploits0References1Affected Software1
0day.today
0day.today
added 2019/08/30 12:0 a.m.60 views

Sentrifugo 3.2 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Sentrifugo 3.2 - Persistent Cross-Site Scripting Exploit Author: creosote Vendor Homepage: http://www.sentrifugo.com/ Version: 3.2 Tested on: Ubuntu 18.04 CVE : CVE-2019-15814 Multiple Stored XSS vulnerabilities were found in...

3.5CVSS5.6AI score0.01581EPSS
Exploits5
Rows per page
Query Builder