156 matches found
PT-2023-19102 · Sourcecodester · Sourcecodester Faculty Evaluation System
Name of the Vulnerable Software and Affected Versions: SourceCodester Faculty Evaluation System version 1.0 Description: A critical issue has been found in the SourceCodester Faculty Evaluation System, affecting an unknown functionality of the file "ajax.php?action=delete subject". The manipulati...
Faculty Evaluation System SQL注入漏洞
Faculty Evaluation System is a faculty evaluation system by the individual developer Carlo Montero. A SQL injection vulnerability exists in Faculty Evaluation System version 1.0, which stems from an SQL injection issue in the id parameter of ajax.php?action=deletesubject...
PT-2023-19134 · Sourcecodester · Sourcecodester Faculty Evaluation System
Name of the Vulnerable Software and Affected Versions: SourceCodester Faculty Evaluation System version 1.0 Description: A critical issue affects the processing of the file admin/manage restriction.php, where the manipulation of the id argument leads to sql injection. The attack can be initiated...
Privilege escalation
Employee Performance Evaluation System v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server...
PT-2023-22336 · Unknown · Employee Performance Evaluation System
Name of the Vulnerable Software and Affected Versions: Employee Performance Evaluation System version 1.0 Description: The issue allows attackers to execute arbitrary code via a crafted file uploaded to the server. This is due to an arbitrary file upload vulnerability in the system...
CVE-2023-29625
Employee Performance Evaluation System v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server...
CVE-2022-40435
Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting XSS vulnerability via adding new entries under the Departments and Designations module...
Cross site scripting
Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting XSS vulnerability via adding new entries under the Departments and Designations module...
CVE-2022-40435
CVE-2022-40435 affects Employee Performance Evaluation System v1.0. The vulnerability is a persistent cross-site scripting (XSS) flaw that can be triggered by adding new entries in the Departments and Designations module. The CVSS v3.1 vector (AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N) yields a base sc...
CVE-2022-40435
Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting XSS vulnerability via adding new entries under the Departments and Designations module...
PT-2022-25383 · Unknown · Employee Performance Evaluation System
Name of the Vulnerable Software and Affected Versions: Employee Performance Evaluation System version 1.0 Description: The issue is related to a persistent cross-site scripting XSS vulnerability. This vulnerability can be exploited via adding new entries under the Departments and Designations...
CVE-2022-40435
Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting XSS vulnerability via adding new entries under the Departments and Designations module...
SourceCodester Employee Performance Evaluation System SQL注入漏洞
SourceCodester Employee Performance Evaluation is a Php-based site builder for employee performance management from SourceCodester. sourceCodester Employee Performance Evaluation SQL injection vulnerability, which can be exploited by attackers to perform SQL injection via email parameters...
Faulty Evaluation System 1.0 - (multiple) Stored Cross-Site Scripting Vulnerability
Exploit Title: Faulty Evaluation System 1.0 - 'multiple' Stored Cross-Site Scripting Exploit Author: Suresh Kumar Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14710/faulty-evaluation-system-using-phpcodeigniter-source-code.html Software: Fault...
CVE-2020-35272
Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting XSS in the Admin Portal in the Task and Description fields...
CVE-2020-35271
Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting XSS in the Employees, First Name and Last Name fields...
Cross site scripting
Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting XSS in the Employees, First Name and Last Name fields...
CVE-2020-35271
CVE-2020-35271 affects the Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0. The vulnerability is a Cross-Site Scripting (XSS) flaw in the Employees, First Name, and Last Name fields. Exploitation details are not provided in the connected documents, and no remediation or ...
Employee Performance Evaluation System Cross-Site Scripting Vulnerability
SourceCodester Employee Performance Evaluation System is a Php-based website builder for employee performance management from SourceCodester, Inc. A cross-site scripting vulnerability exists in the Employee Performance Evaluation System that originates in the First Name and Last Name fields of...
Employee Performance Evaluation System 1.0 Cross Site Scripting
Exploit Title: Employee Performance Evaluation System 1.0 - ' Task and Description' Persistent Cross Site Scripting Date: 08/12/2020 Exploit Author: Ritesh Gohil Vendor Homepage: https://www.sourcecodester.com Software Link:...