66 matches found
CVE-2025-13421
A security vulnerability has been detected in itsourcecode Human Resource Management System 1.0. Impacted is an unknown function of the file /src/store/NoticeStore.php. Such manipulation of the argument noticeDesc leads to sql injection. The attack can be launched remotely. The exploit has been...
EUVD-2025-25774
Malicious code in bioql PyPI...
EUVD-2025-28884
Malicious code in bioql PyPI...
EUVD-2025-26308
Malicious code in bioql PyPI...
EUVD-2025-26305
Malicious code in bioql PyPI...
EUVD-2024-32002
Malicious code in bioql PyPI...
EUVD-2025-25831
Malicious code in bioql PyPI...
CVE-2025-56293
code-projects Human Resource Integrated System 1.0 is vulnerable to Cross Site Scripting XSS in the Add Child Information section in the Childs Name field...
CVE-2025-56293
code-projects Human Resource Integrated System 1.0 is vulnerable to Cross Site Scripting XSS in the Add Child Information section in the Childs Name field...
CVE-2025-56293
The CVE-2025-56293 entry concerns code-projects Human Resource Integrated System 1.0, where a Cross Site Scripting (XSS) vulnerability exists in the Add Child Information section via the Childs Name field. The root cause is insufficient input validation/sanitization in that field, enabling script...
CVE-2025-56293
code-projects Human Resource Integrated System 1.0 is vulnerable to Cross Site Scripting XSS in the Add Child Information section in the Childs Name field...
PT-2025-37996
Name of the Vulnerable Software and Affected Versions: code-projects Human Resource Integrated System version 1.0 Description: The Human Resource Integrated System is susceptible to Cross Site Scripting XSS attacks. This issue affects the Add Child Information section, specifically within the...
CVE-2025-9743
A security flaw has been discovered in code-projects Human Resource Integrated System 1.0. Impacted is an unknown function of the file loginattendance2.php. Performing manipulation of the argument employeeid/date results in sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2025-9741
A vulnerability was determined in code-projects Human Resource Integrated System 1.0. This vulnerability affects unknown code of the file /loginquery12.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...
CVE-2025-9733
A security flaw has been discovered in code-projects Human Resource Integrated System 1.0. This impacts an unknown function of the file /logintimeee.php. Performing manipulation of the argument empid results in sql injection. The attack may be initiated remotely. The exploit has been released to...
Human Resource Integrated System log_query.php File SQL Injection Vulnerability
Human Resource Integrated System is a human resource management system. Human Resource Integrated System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter ID of the file /logquery.php. An attacker can exploit...
Human Resource Integrated System login_attendance2.php File SQL Injection Vulnerability
Human Resource Integrated System is a human resource management system. Human Resource Integrated System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter employeeid/date in the file loginattendance2.php. A...
Human Resource Integrated System login.php File SQL Injection Vulnerability
Human Resource Integrated System is a human resource management system. Human Resource Integrated System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter user/pass in the file /login.php. An attacker can...
CVE-2025-9743 code-projects Human Resource Integrated System login_attendance2.php sql injection
A security flaw has been discovered in code-projects Human Resource Integrated System 1.0. Impacted is an unknown function of the file loginattendance2.php. Performing manipulation of the argument employeeid/date results in sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2025-9742
A vulnerability was identified in code-projects Human Resource Integrated System 1.0. This issue affects some unknown processing of the file /login.php. Such manipulation of the argument user/pass leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly...