Lucene search
K

28 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.15 views

CVE-2026-37595

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfhattendance/admin/manageemployee.php...

2.7CVSS5.7AI score0.00186EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 9:16 p.m.18 views

CVE-2026-10286

A vulnerability was found in CodeAstro Payroll System 1.0. This affects an unknown part of the file /homeemployee.php. The manipulation of the argument empid results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used...

6.5CVSS0.00204EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

CodeAstro Payroll System SQL注入漏洞

The CodeAstro Payroll System is a payroll management system developed by CodeAstro Corporation. Version 1.0 of the CodeAstro Payroll System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the empid parameter in the /homeemployee.php file, which may lead to...

6.5CVSS6.6AI score0.00204EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/04/06 5:0 p.m.3 views

CVE-2026-5576

A flaw has been found in SourceCodester/jkev Record Management System 1.0. Affected by this issue is some unknown functionality of the file saveemp.php of the component Add Employee Page. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has...

5.8CVSS5.5AI score0.00291EPSS
Exploits0References1
NVD
NVD
added 2026/04/05 4:16 p.m.5 views

CVE-2026-5576

A flaw has been found in SourceCodester/jkev Record Management System 1.0. Affected by this issue is some unknown functionality of the file saveemp.php of the component Add Employee Page. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has...

5.8CVSS0.00291EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/05 3:15 p.m.26 views

CVE-2026-5576 SourceCodester/jkev Record Management System Add Employee save_emp.php unrestricted upload

A flaw has been found in SourceCodester/jkev Record Management System 1.0. Affected by this issue is some unknown functionality of the file saveemp.php of the component Add Employee Page. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has...

5.8CVSS0.00291EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/05 3:15 p.m.2 views

CVE-2026-5576 SourceCodester/jkev Record Management System Add Employee save_emp.php unrestricted upload

A flaw has been found in SourceCodester/jkev Record Management System 1.0. Affected by this issue is some unknown functionality of the file saveemp.php of the component Add Employee Page. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has...

5.8CVSS5.5AI score0.00291EPSS
Exploits0References4
CVE
CVE
added 2026/04/05 3:15 p.m.9 views

CVE-2026-5576

SourceCodester/jkev Record Management System 1.0 contains a flaw in Add Employee page, specifically in save_emp.php that allows unrestricted file upload. The issue enables remote exploitation; exploit code is reported as available. The CVSS-derived data indicate network access, low to moderate im...

5.8CVSS5.5AI score0.00291EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.4 views

PT-2026-30445

A flaw has been found in SourceCodester/jkev Record Management System 1.0. Affected by this issue is some unknown functionality of the file save emp.php of the component Add Employee Page. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has...

5.8CVSS5.5AI score0.00291EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/31 11:45 p.m.3 views

CVE-2026-5238

A weakness has been identified in itsourcecode Payroll Management System 1.0. Affected by this issue is some unknown functionality of the file /viewemployee.php of the component Parameter Handler. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/03/16 3:30 p.m.7 views

EUVD-2026-12361

A vulnerability was identified in itsourcecode Payroll Management System 1.0. This issue affects some unknown processing of the file /manageemployee.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might b...

7.5CVSS7AI score0.00446EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/03/03 1:48 a.m.4 views

CVE-2026-26700

sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...

9.8CVSS6AI score0.00391EPSS
Exploits1References1
NVD
NVD
added 2026/03/02 5:16 p.m.4 views

CVE-2026-26700

sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...

9.8CVSS0.00391EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/02 12:0 a.m.20 views

CVE-2026-26700

sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...

0.00391EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/02 12:0 a.m.1 views

CVE-2026-26700

sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...

9.8CVSS6AI score0.00391EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/01/05 12:0 a.m.18 views

PT-2026-1294

Name of the Vulnerable Software and Affected Versions Employee Leave Management System version 2.1 Description A Cross Site Request Forgery issue exists in Employee Leave Management System version 2.1. A remote attacker can potentially escalate privileges through the manage-employee.php component...

5.4CVSS5.9AI score0.0007EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/04/02 12:0 a.m.24 views

CVE-2025-29719

SourceCodester rems Employee Management System 1.0 is vulnerable to Cross Site Scripting XSS in addemployee.php via the First Name and Address text fields...

0.00275EPSS
Exploits1References2
OSV
OSV
added 2025/02/14 5:15 p.m.5 views

CVE-2025-26158

A Stored Cross-Site Scripting XSS vulnerability was discovered in the manage-employee.php page of Kashipara Online Attendance Management System V1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the department parameter...

5.6CVSS6.1AI score0.00311EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/02/14 12:0 a.m.7 views

PT-2025-7127 · Unknown · Kashipara Online Attendance Management System

Name of the Vulnerable Software and Affected Versions: Kashipara Online Attendance Management System version V1.0 Description: A Stored Cross-Site Scripting XSS issue was found in the manage-employee.php page, allowing remote attackers to execute arbitrary scripts via the department parameter...

5.6CVSS6.3AI score0.00311EPSS
Exploits1References5
OSV
OSV
added 2024/08/15 4:15 a.m.5 views

CVE-2024-7814

A vulnerability, which was classified as problematic, was found in CodeAstro Online Railway Reservation System 1.0. Affected is an unknown function of the file /admin/admin-add-employee.php of the component Add Employee Page. The manipulation of the argument empfname /emplname /empnatidno/empaddr...

4.8CVSS3.9AI score0.00395EPSS
Exploits1References3
Rows per page
Query Builder