14 matches found
CVE-2026-9237
Summary: CVE-2026-9237 affects the WordPress plugin “Crew HRM” (Employee, Leave and Recruitment Management System). All versions up to 1.2.2 are vulnerable to an authorization bypass due to improper access verification. Authenticated users with subscriber-level access or higher can delete, archiv...
CVE-2025-67315
Cross Site Request Forgery vulnerability in Employee Leave Management System v.2.1 allows a remote attacker to escalate privileges via the manage-employee.php component...
CVE-2025-67315
Cross Site Request Forgery vulnerability in Employee Leave Management System v.2.1 allows a remote attacker to escalate privileges via the manage-employee.php component...
CVE-2025-67315
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
EUVD-2026-0808
Cross Site Request Forgery vulnerability in Employee Leave Management System v.2.1 allows a remote attacker to escalate privileges via the manage-employee.php component...
CVE-2025-67315
...
EUVD-2022-42548
Malicious code in bioql PyPI...
CVE-2022-3121
A vulnerability was found in SourceCodester Online Employee Leave Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addemployee.php. The manipulation leads to cross-site request forgery. The attack can be...
Online Employee Leave Management System 1.0 Cross Site Request Forgery
Exploit Title: Online Employee Leave Management System 1.0 - Cross-Site Request Forgery addemployee.php Date: 05/09/2022 Exploit Author: Amolo Hunters Software Link: https://www.sourcecodester.com/php/15374/online-employee-leave-management-system-php-free-source-code.html Version: 1.0 Tested on:...
Online Employee Leave Management System跨站请求伪造漏洞
Online Employee Leave Management System is an employee leave management system that provides an employee and management platform to efficiently manage leave departures and approvals. The vulnerability can be exploited by attackers to disguise user identity and send malicious requests...
Cross site request forgery (csrf)
A vulnerability was found in SourceCodester Online Employee Leave Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addemployee.php. The manipulation leads to cross-site request forgery. The attack can be...
CVE-2022-3121 SourceCodester Online Employee Leave Management System addemployee.php cross-site request forgery
A vulnerability was found in SourceCodester Online Employee Leave Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addemployee.php. The manipulation leads to cross-site request forgery. The attack can be...
CVE-2022-3121
CVE-2022-3121 affects SourceCodester Online Employee Leave Management System 1.0. The vulnerability concerns an unknown functionality in /admin/addemployee.php, where manipulation leads to cross-site request forgery (CSRF) that can be exploited remotely. Multiple connected sources (Red Hat, CVE r...
Sentrifugo 3.2 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Sentrifugo 3.2 - Persistent Cross-Site Scripting Exploit Author: creosote Vendor Homepage: http://www.sentrifugo.com/ Version: 3.2 Tested on: Ubuntu 18.04 CVE : CVE-2019-15814 Multiple Stored XSS vulnerabilities were found in...