Human Resource Integrated System login_attendance2.php File SQL Injection Vulnerability

Human Resource Integrated System is a human resource management system. Human Resource Integrated System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter employeeid/date in the file loginattendance2.php. A...

CVE-2025-9743 code-projects Human Resource Integrated System login_attendance2.php sql injection

A security flaw has been discovered in code-projects Human Resource Integrated System 1.0. Impacted is an unknown function of the file loginattendance2.php. Performing manipulation of the argument employeeid/date results in sql injection. The attack can be initiated remotely. The exploit has been...

WordPress WPHRM plugin <= 1.0 - Authenticated SQL Injection

WordPress WPHRM plugin Authenticated SQL Injection allows an attacker to inject SQL commands via the employeeid $GET param. Solution Update the plugin...

CVE-2017-14848

WPHRM Human Resource Management System for WordPress 1.0 allows SQL Injection via the employeeid parameter...