16 matches found
EUVD-2013-5048
Malware in sbrugna...
EUVD-2024-32003
Malicious code in bioql PyPI...
EUVD-2024-32001
Malicious code in bioql PyPI...
CVE-2025-9741
A vulnerability was determined in code-projects Human Resource Integrated System 1.0. This vulnerability affects unknown code of the file /loginquery12.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...
CVE-2024-3415
A vulnerability was found in SourceCodester Human Resource Information System 1.0. It has been classified as problematic. Affected is an unknown function of the file SuperadminDashboard/process/addbranchesprocess.php. The manipulation of the argument branchesname leads to cross site scripting. It...
CVE-2013-5208
HR Systems Strategies info:HR HRIS 7.9 does not properly protect the database password, which allows local users to bypass intended database restrictions by accessing the USERPW registry key and bypassing an unspecified obfuscation technique...
CVE-2024-3415
A vulnerability was found in SourceCodester Human Resource Information System 1.0. It has been classified as problematic. Affected is an unknown function of the file SuperadminDashboard/process/addbranchesprocess.php. The manipulation of the argument branchesname leads to cross site scripting. It...
CVE-2024-3415 SourceCodester Human Resource Information System addbranches_process.php cross site scripting
A vulnerability was found in SourceCodester Human Resource Information System 1.0. It has been classified as problematic. Affected is an unknown function of the file SuperadminDashboard/process/addbranchesprocess.php. The manipulation of the argument branchesname leads to cross site scripting. It...
CVE-2024-3413
A vulnerability has been found in SourceCodester Human Resource Information System 1.0 and classified as critical. This vulnerability affects unknown code of the file initialize/loginprocess.php. The manipulation of the argument hremail/hrpassword leads to sql injection. The attack can be initiat...
PT-2024-25721 · Sourcecodester · Sourcecodester Human Resource Information System
Name of the Vulnerable Software and Affected Versions: SourceCodester Human Resource Information System version 1.0 Description: A problematic issue has been found in the software, affecting an unknown function of the file Superadmin Dashboard/process/addbranches process.php. The manipulation of...
CVE-2024-0470
A vulnerability was found in code-projects Human Resource Integrated System 1.0. It has been classified as critical. This affects an unknown part of the file /adminroute/incservicecredits.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack...
PT-2024-15588 · Code Projects · Code-Projects Human Resource Integrated System
Name of the Vulnerable Software and Affected Versions: code-projects Human Resource Integrated System version 1.0 Description: A critical issue has been identified, affecting the file /admin route/dec service credits.php. The manipulation of the date argument leads to SQL injection. This issue ca...
Human Resource Information System 1.0 Authentication Bypass / Account Creation
Exploit Title: Human Resource Information System 1.0 - Create Admin Account Unauthenticated Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14714/human-resource-information-using-phpmysqliobject-orientedcomplete-free-sourcecode.html Version: 1.0 Tested on: windows...
hris-hk.victorinox.com XSS vulnerability
Vulnerable URL: https://hris-hk.victorinox.com/payslipprint.asp?cycleid=1"...
CVE-2013-5208
CVE-2013-5208 affects HR Systems Strategies info:HR HRIS 7.9, where the database password is stored in a registry key (USERPW) with weak obfuscation. This enables a local attacker to read/decipher the password and gain full control of the database and application, including access to PII. Vendor ...
HR Systems Strategies info:HR HRIS allows read access to weakly obfuscated shared database password
Overview HR Systems Strategies info:HR HRIS 7.9 and possibly earlier versions allow read access to a weakly obfuscated database password. This password is shared by all clients within an info:HR site. A local attacker can decipher the password and gain complete control of the database and...