23 matches found
EUVD-2024-34700
Malicious code in bioql PyPI...
CVE-2025-48784
A missing authorization vulnerability in Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to modify system settings without prior authorization...
CVE-2023-3391
A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file detailview.php. The manipulation of the argument employeeid leads to SQL injection. The attack can be initiated remotely. The...
CVE-2024-35468
A SQL injection vulnerability in /hrm/index.php in SourceCodester Human Resource Management System 1.0 allows attackers to execute arbitrary SQL commands via the password parameter...
CVE-2024-35469
A SQL injection vulnerability in /hrm/user/ in SourceCodester Human Resource Management System 1.0 allows attackers to execute arbitrary SQL commands via the password parameter...
CVE-2024-34221
SourceCodester Human Resource Management System 1.0 is vulnerable to Insecure Permissions resulting in privilege escalation...
CVE-2024-34223
Insecure permission vulnerability in /hrm/leaverequest.php in SourceCodester Human Resource Management System 1.0 allows attackers to approve or reject leave ticket...
CVE-2024-34223
CVE-2024-34223 concerns an insecure permission vulnerability in the SourceCodester Human Resource Management System (HRS) v1.0, impacting the endpoint /hrm/leaverequest.php. The issue enables an attacker to approve or reject leave tickets due to improper access control. Affects the product and v...
PT-2024-25753 · Sourcecodester · Sourcecodester Human Resource Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Human Resource Management System version 1.0 Description: The issue allows attackers to approve or reject leave tickets due to an insecure permission vulnerability in the /hrm/leaverequest.php file. Recommendations: For version...
Human Resource Management System 2024 1.0 SQL Injection
Title: hrm2024.1.0-Multiple-SQLi Author: nu11secur1ty Date: 04/02/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html Reference: https://portswigger.net/web-security/sql-injection...
Human Resource Management System 1.0 - (employeeid) SQL Injection Vulnerability
Exploit Title: Human Resource Management System - SQL Injection Exploit Author: Srikar Exp1o1t9r Vendor Homepage: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html Software Link:...
CVE-2023-3391 SourceCodester Human Resource Management System detailview.php sql injection
A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file detailview.php. The manipulation of the argument employeeid leads to SQL injection. The attack can be initiated remotely. The...
CVE-2022-4278
A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /hrm/employeeadd.php. The manipulation of the argument empid leads to SQL injection. The attack may be initiated remotely. The...
Cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Human Resource Management System 1.0. Affected is an unknown function of the file /hrm/employeeview.php. The manipulation of the argument search leads to cross-site scripting. It is possible to launch the attack remotely...
CVE-2022-4273
A vulnerability, which was classified as critical, has been found in SourceCodester Human Resource Management System 1.0. This issue affects some unknown processing of the file /hrm/controller/employee.php of the component Content-Type Handler. The manipulation of the argument pfimg leads to...
CVE-2022-4279 SourceCodester Human Resource Management System employeeview.php cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Human Resource Management System 1.0. Affected is an unknown function of the file /hrm/employeeview.php. The manipulation of the argument search leads to cross-site scripting. It is possible to launch the attack remotely...
CVE-2022-4279
CVE-2022-4279 affects SourceCodester Human Resource Management System 1.0. The vulnerability lies in /hrm/employeeview.php where manipulating the search parameter enables cross-site scripting (XSS). It can be exploited remotely and the public exploit is disclosed. Multiple connected sources confi...
CVE-2022-43262
Human Resource Management System v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /hrm/controller/login.php...
PT-2022-22465 · Sourcecodester · Sourcecodester Human Resource Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Human Resource Management System version 1.0 Description: A vulnerability was found in the Master List component, where the manipulation of the city, state, country, or position argument leads to cross-site scripting. This issu...