CVE-2020-35271

Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting XSS in the Employees, First Name and Last Name fields...

CVE-2020-35272

Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting XSS in the Admin Portal in the Task and Description fields...

Privilege escalation

Employee Performance Evaluation System v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server...

PT-2023-22336 · Unknown · Employee Performance Evaluation System

Name of the Vulnerable Software and Affected Versions: Employee Performance Evaluation System version 1.0 Description: The issue allows attackers to execute arbitrary code via a crafted file uploaded to the server. This is due to an arbitrary file upload vulnerability in the system...

CVE-2023-29625

Employee Performance Evaluation System v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server...

Cross site scripting

Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting XSS vulnerability via adding new entries under the Departments and Designations module...

PT-2022-25383 · Unknown · Employee Performance Evaluation System

Name of the Vulnerable Software and Affected Versions: Employee Performance Evaluation System version 1.0 Description: The issue is related to a persistent cross-site scripting XSS vulnerability. This vulnerability can be exploited via adding new entries under the Departments and Designations...

CVE-2022-40435

CVE-2022-40435 affects Employee Performance Evaluation System v1.0. The vulnerability is a persistent cross-site scripting (XSS) flaw that can be triggered by adding new entries in the Departments and Designations module. The CVSS v3.1 vector (AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N) yields a base sc...

CVE-2022-40435

Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting XSS vulnerability via adding new entries under the Departments and Designations module...

CVE-2022-40435

Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting XSS vulnerability via adding new entries under the Departments and Designations module...

CVE-2020-35272

Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting XSS in the Admin Portal in the Task and Description fields...

Cross site scripting

Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting XSS in the Employees, First Name and Last Name fields...

CVE-2020-35271

CVE-2020-35271 affects the Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0. The vulnerability is a Cross-Site Scripting (XSS) flaw in the Employees, First Name, and Last Name fields. Exploitation details are not provided in the connected documents, and no remediation or ...

Employee Performance Evaluation System 1.0 Cross Site Scripting

Exploit Title: Employee Performance Evaluation System 1.0 - ' Task and Description' Persistent Cross Site Scripting Date: 08/12/2020 Exploit Author: Ritesh Gohil Vendor Homepage: https://www.sourcecodester.com Software Link:...