28 matches found
CVE-2026-37595
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfhattendance/admin/manageemployee.php...
CVE-2026-10286
A vulnerability was found in CodeAstro Payroll System 1.0. This affects an unknown part of the file /homeemployee.php. The manipulation of the argument empid results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used...
CodeAstro Payroll System SQL注入漏洞
The CodeAstro Payroll System is a payroll management system developed by CodeAstro Corporation. Version 1.0 of the CodeAstro Payroll System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the empid parameter in the /homeemployee.php file, which may lead to...
CVE-2026-5576
A flaw has been found in SourceCodester/jkev Record Management System 1.0. Affected by this issue is some unknown functionality of the file saveemp.php of the component Add Employee Page. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has...
CVE-2026-5576
A flaw has been found in SourceCodester/jkev Record Management System 1.0. Affected by this issue is some unknown functionality of the file saveemp.php of the component Add Employee Page. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has...
CVE-2026-5576 SourceCodester/jkev Record Management System Add Employee save_emp.php unrestricted upload
A flaw has been found in SourceCodester/jkev Record Management System 1.0. Affected by this issue is some unknown functionality of the file saveemp.php of the component Add Employee Page. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has...
CVE-2026-5576 SourceCodester/jkev Record Management System Add Employee save_emp.php unrestricted upload
A flaw has been found in SourceCodester/jkev Record Management System 1.0. Affected by this issue is some unknown functionality of the file saveemp.php of the component Add Employee Page. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has...
CVE-2026-5576
SourceCodester/jkev Record Management System 1.0 contains a flaw in Add Employee page, specifically in save_emp.php that allows unrestricted file upload. The issue enables remote exploitation; exploit code is reported as available. The CVSS-derived data indicate network access, low to moderate im...
PT-2026-30445
A flaw has been found in SourceCodester/jkev Record Management System 1.0. Affected by this issue is some unknown functionality of the file save emp.php of the component Add Employee Page. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has...
CVE-2026-5238
A weakness has been identified in itsourcecode Payroll Management System 1.0. Affected by this issue is some unknown functionality of the file /viewemployee.php of the component Parameter Handler. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed...
EUVD-2026-12361
A vulnerability was identified in itsourcecode Payroll Management System 1.0. This issue affects some unknown processing of the file /manageemployee.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might b...
CVE-2026-26700
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...
CVE-2026-26700
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...
CVE-2026-26700
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...
CVE-2026-26700
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...
PT-2026-1294
Name of the Vulnerable Software and Affected Versions Employee Leave Management System version 2.1 Description A Cross Site Request Forgery issue exists in Employee Leave Management System version 2.1. A remote attacker can potentially escalate privileges through the manage-employee.php component...
CVE-2025-29719
SourceCodester rems Employee Management System 1.0 is vulnerable to Cross Site Scripting XSS in addemployee.php via the First Name and Address text fields...
CVE-2025-26158
A Stored Cross-Site Scripting XSS vulnerability was discovered in the manage-employee.php page of Kashipara Online Attendance Management System V1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the department parameter...
PT-2025-7127 · Unknown · Kashipara Online Attendance Management System
Name of the Vulnerable Software and Affected Versions: Kashipara Online Attendance Management System version V1.0 Description: A Stored Cross-Site Scripting XSS issue was found in the manage-employee.php page, allowing remote attackers to execute arbitrary scripts via the department parameter...
CVE-2024-7814
A vulnerability, which was classified as problematic, was found in CodeAstro Online Railway Reservation System 1.0. Affected is an unknown function of the file /admin/admin-add-employee.php of the component Add Employee Page. The manipulation of the argument empfname /emplname /empnatidno/empaddr...