23 matches found
CVE-2025-14193
The CVE-2025-14193 detail concerns code-projects’ Employee Profile Management System 1.0. Multiple connected sources confirm a SQL injection vulnerability in the file /view_personnel.php, arising from unvalidated input in the per_id parameter. This enables remote exploitation and data disclosure,...
EUVD-2024-16261
Malicious code in bioql PyPI...
EUVD-2024-16262
Malicious code in bioql PyPI...
EUVD-2024-16260
Malicious code in bioql PyPI...
CVE-2024-0465
A vulnerability classified as problematic was found in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file download.php. The manipulation of the argument downloadfile leads to path traversal: '../filedir'. The exploit has been disclosed to the...
CVE-2024-0467
A vulnerability, which was classified as problematic, was found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file editpositionquery.php. The manipulation of the argument posname leads to cross site scripting. It is possible to launch the attack...
CVE-2024-0466
A vulnerability, which was classified as critical, has been found in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file filetable.php. The manipulation of the argument perid leads to sql injection. The exploit has been disclosed to the...
CVE-2024-0467
A vulnerability, which was classified as problematic, was found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file editpositionquery.php. The manipulation of the argument posname leads to cross site scripting. It is possible to launch the attack...
CVE-2024-0467
The CVE-2024-0467 entry concerns code-projects’ Employee Profile Management System 1.0. The vulnerability affects the edit_position_query.php function, where manipulating the pos_name argument enables cross-site scripting (XSS). It is described as exploitable remotely, with the exploit disclosed ...
CVE-2024-0467 code-projects Employee Profile Management System edit_position_query.php cross site scripting
A vulnerability, which was classified as problematic, was found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file editpositionquery.php. The manipulation of the argument posname leads to cross site scripting. It is possible to launch the attack...
CVE-2024-0466
A vulnerability, which was classified as critical, has been found in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file filetable.php. The manipulation of the argument perid leads to sql injection. The exploit has been disclosed to the...
CVE-2024-0465
A vulnerability classified as problematic was found in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file download.php. The manipulation of the argument downloadfile leads to path traversal: '../filedir'. The exploit has been disclosed to the...
CVE-2024-0465
A vulnerability classified as problematic was found in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file download.php. The manipulation of the argument downloadfile leads to path traversal: '../filedir'. The exploit has been disclosed to the...
Path traversal
A vulnerability classified as problematic was found in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file download.php. The manipulation of the argument downloadfile leads to path traversal: '../filedir'. The exploit has been disclosed to the...
Sql injection
A vulnerability, which was classified as critical, has been found in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file filetable.php. The manipulation of the argument perid leads to sql injection. The exploit has been disclosed to the...
CVE-2024-0466 code-projects Employee Profile Management System file_table.php sql injection
A vulnerability, which was classified as critical, has been found in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file filetable.php. The manipulation of the argument perid leads to sql injection. The exploit has been disclosed to the...
CVE-2024-0466
The CVE-2024-0466 entry covers code-projects Employee Profile Management System 1.0 with a SQL injection in file_table.php via the per_id argument. Root cause: unsafely processed per_id leads to injection risk. Impact: potential unauthorized data access/modify across the application (as described...
CVE-2024-0466 code-projects Employee Profile Management System file_table.php sql injection
A vulnerability, which was classified as critical, has been found in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file filetable.php. The manipulation of the argument perid leads to sql injection. The exploit has been disclosed to the...
CVE-2024-0465 code-projects Employee Profile Management System download.php path traversal
A vulnerability classified as problematic was found in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file download.php. The manipulation of the argument downloadfile leads to path traversal: '../filedir'. The exploit has been disclosed to the...
CVE-2024-0465 code-projects Employee Profile Management System download.php path traversal
A vulnerability classified as problematic was found in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file download.php. The manipulation of the argument downloadfile leads to path traversal: '../filedir'. The exploit has been disclosed to the...