Lucene search
K

7 matches found

NVD
NVD
added 2026/06/12 9:16 p.m.10 views

CVE-2026-12130

A security flaw has been discovered in CodeAstro Human Resource Management System 1.0. This affects an unknown part of the file /Projects/AddProjects of the component Projects Management Page. The manipulation of the argument protitle results in cross site scripting. The attack may be launched...

5.1CVSS0.00203EPSS
Exploits0References6
CVE
CVE
added 2026/06/12 8:45 p.m.21 views

CVE-2026-12130

CodeAstro Human Resource Management System 1.0 is affected in the Projects Management Page (file /Projects/Add_Projects). The vulnerability is a stored/reflected cross-site scripting described as caused by manipulation of the protitle argument. The attack can be launched remotely and an exploit h...

5.1CVSS3.8AI score0.00203EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/12 8:45 p.m.10 views

EUVD-2026-36569

A security flaw has been discovered in CodeAstro Human Resource Management System 1.0. This affects an unknown part of the file /Projects/AddProjects of the component Projects Management Page. The manipulation of the argument protitle results in cross site scripting. The attack may be launched...

5.1CVSS3.7AI score0.00203EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/12/26 10:0 a.m.11 views

CVE-2024-12946 1000 Projects Attendance Tracking Management System admin_action.php sql injection

A vulnerability, which was classified as critical, has been found in 1000 Projects Attendance Tracking Management System 1.0. This issue affects some unknown processing of the file /admin/adminaction.php. The manipulation of the argument adminusername leads to sql injection. The attack may be...

7.5CVSS7.6AI score0.00572EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2024/06/20 12:0 a.m.19 views

Fedora: Security Advisory (FEDORA-2024-9ed24c98cd)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.03255EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2022/06/27 9:15 a.m.4 views

CVE-2022-1653

The Social Share Buttons by Supsystic WordPress plugin before 2.2.4 does not perform CSRF checks in it's ajax endpoints and admin pages, allowing an attacker to trick any logged in user to manipulate or change the plugin settings, as well as create, delete and rename projects and networks...

4.3CVSS5.8AI score0.00412EPSS
Exploits2References2
OSV
OSV
added 2022/06/27 9:15 a.m.3 views

CVE-2022-1653

The Social Share Buttons by Supsystic WordPress plugin before 2.2.4 does not perform CSRF checks in it's ajax endpoints and admin pages, allowing an attacker to trick any logged in user to manipulate or change the plugin settings, as well as create, delete and rename projects and networks...

4.3CVSS5.8AI score
Exploits0References1
Rows per page
Query Builder