4 matches found
CVE-2026-9416
A security vulnerability has been detected in code-projects Employee Management System 1.0. This impacts an unknown function of the file /myprofile.php. Such manipulation of the argument ID leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed publicly...
PHPGurukul Employee Record Management System 代码注入漏洞
Employee Record Management System is an employee record management system. The Employee Record Management System suffers from a cross-site scripting vulnerability that arises from insufficient filtering of the First name parameter in the /myprofile.php file. An attacker can exploit this...
CVE-2022-30931
Employee Leaves Management System ELMS V 2.1 is vulnerable to Cross Site Request Forgery CSRF via /myprofile.php...
SilverStripe CSV Excel Macro Injection
In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1, it's possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software including Microsoft Excel. For example, the CSV data may contai...