Lucene search
K

156 matches found

Positive Technologies
Positive Technologies
added 2023/04/28 12:0 a.m.6 views

PT-2023-19102 · Sourcecodester · Sourcecodester Faculty Evaluation System

Name of the Vulnerable Software and Affected Versions: SourceCodester Faculty Evaluation System version 1.0 Description: A critical issue has been found in the SourceCodester Faculty Evaluation System, affecting an unknown functionality of the file "ajax.php?action=delete subject". The manipulati...

9.8CVSS7.8AI score0.00743EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/04/28 12:0 a.m.5 views

Faculty Evaluation System SQL注入漏洞

Faculty Evaluation System is a faculty evaluation system by the individual developer Carlo Montero. A SQL injection vulnerability exists in Faculty Evaluation System version 1.0, which stems from an SQL injection issue in the id parameter of ajax.php?action=deletesubject...

9.8CVSS7.2AI score0.00743EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/04/28 12:0 a.m.7 views

PT-2023-19134 · Sourcecodester · Sourcecodester Faculty Evaluation System

Name of the Vulnerable Software and Affected Versions: SourceCodester Faculty Evaluation System version 1.0 Description: A critical issue affects the processing of the file admin/manage restriction.php, where the manipulation of the id argument leads to sql injection. The attack can be initiated...

9.8CVSS5.5AI score0.00728EPSS
Exploits1References6
Prion
Prion
added 2023/04/14 2:15 a.m.10 views

Privilege escalation

Employee Performance Evaluation System v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server...

6.5CVSS8.9AI score0.00955EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/14 12:0 a.m.3 views

PT-2023-22336 · Unknown · Employee Performance Evaluation System

Name of the Vulnerable Software and Affected Versions: Employee Performance Evaluation System version 1.0 Description: The issue allows attackers to execute arbitrary code via a crafted file uploaded to the server. This is due to an arbitrary file upload vulnerability in the system...

8.8CVSS8.8AI score0.00955EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/04/14 12:0 a.m.8 views

CVE-2023-29625

Employee Performance Evaluation System v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server...

9AI score0.00955EPSS
Exploits1References1
OSV
OSV
added 2022/12/19 5:15 p.m.5 views

CVE-2022-40435

Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting XSS vulnerability via adding new entries under the Departments and Designations module...

4.8CVSS5.7AI score0.00573EPSS
Exploits1References3
Prion
Prion
added 2022/12/19 5:15 p.m.12 views

Cross site scripting

Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting XSS vulnerability via adding new entries under the Departments and Designations module...

4.3CVSS5AI score0.00573EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2022/12/19 12:0 a.m.58 views

CVE-2022-40435

CVE-2022-40435 affects Employee Performance Evaluation System v1.0. The vulnerability is a persistent cross-site scripting (XSS) flaw that can be triggered by adding new entries in the Departments and Designations module. The CVSS v3.1 vector (AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N) yields a base sc...

4.8CVSS5AI score0.00573EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/12/19 12:0 a.m.18 views

CVE-2022-40435

Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting XSS vulnerability via adding new entries under the Departments and Designations module...

5.2AI score0.00573EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/12/19 12:0 a.m.4 views

PT-2022-25383 · Unknown · Employee Performance Evaluation System

Name of the Vulnerable Software and Affected Versions: Employee Performance Evaluation System version 1.0 Description: The issue is related to a persistent cross-site scripting XSS vulnerability. This vulnerability can be exploited via adding new entries under the Departments and Designations...

4.8CVSS4.8AI score0.00573EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2022/12/19 12:0 a.m.6 views

CVE-2022-40435

Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting XSS vulnerability via adding new entries under the Departments and Designations module...

6.2AI score0.00573EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/04/05 12:0 a.m.3 views

SourceCodester Employee Performance Evaluation System SQL注入漏洞

SourceCodester Employee Performance Evaluation is a Php-based site builder for employee performance management from SourceCodester. sourceCodester Employee Performance Evaluation SQL injection vulnerability, which can be exploited by attackers to perform SQL injection via email parameters...

9.8CVSS5.8AI score0.01254EPSS
Exploits1References2
0day.today
0day.today
added 2021/02/17 12:0 a.m.24 views

Faulty Evaluation System 1.0 - (multiple) Stored Cross-Site Scripting Vulnerability

Exploit Title: Faulty Evaluation System 1.0 - 'multiple' Stored Cross-Site Scripting Exploit Author: Suresh Kumar Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14710/faulty-evaluation-system-using-phpcodeigniter-source-code.html Software: Fault...

7.1AI score
Exploits0
OSV
OSV
added 2021/01/20 4:15 p.m.6 views

CVE-2020-35272

Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting XSS in the Admin Portal in the Task and Description fields...

4.8CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2021/01/20 4:15 p.m.4 views

CVE-2020-35271

Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting XSS in the Employees, First Name and Last Name fields...

4.8CVSS5.8AI score0.00546EPSS
Exploits1References1
Prion
Prion
added 2021/01/20 4:15 p.m.12 views

Cross site scripting

Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting XSS in the Employees, First Name and Last Name fields...

3.5CVSS5.1AI score0.00546EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/01/20 3:37 p.m.38 views

CVE-2020-35271

CVE-2020-35271 affects the Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0. The vulnerability is a Cross-Site Scripting (XSS) flaw in the Employees, First Name, and Last Name fields. Exploitation details are not provided in the connected documents, and no remediation or ...

4.8CVSS5AI score0.00546EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/01/20 12:0 a.m.7 views

Employee Performance Evaluation System Cross-Site Scripting Vulnerability

SourceCodester Employee Performance Evaluation System is a Php-based website builder for employee performance management from SourceCodester, Inc. A cross-site scripting vulnerability exists in the Employee Performance Evaluation System that originates in the First Name and Last Name fields of...

4.8CVSS5.7AI score0.00546EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2020/12/08 12:0 a.m.372 views

Employee Performance Evaluation System 1.0 Cross Site Scripting

Exploit Title: Employee Performance Evaluation System 1.0 - ' Task and Description' Persistent Cross Site Scripting Date: 08/12/2020 Exploit Author: Ritesh Gohil Vendor Homepage: https://www.sourcecodester.com Software Link:...

0.1AI score
Exploits0
Rows per page
Query Builder