CVE-2022-3497

A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been classified as problematic. Affected is an unknown function of the component Master List. The manipulation of the argument city/state/country/position leads to cross site scripting. It is possible to laun...

Improper access control

A vulnerability was found in SourceCodester Human Resource Management System 1.0 and classified as critical. This issue affects some unknown processing of the file employeeadd.php of the component Admin Panel. The manipulation leads to improper access controls. The attack may be initiated remotel...

Command injection

A vulnerability classified as critical was found in SourceCodester Human Resource Management System 1.0. This vulnerability affects unknown code of the component Profile Photo Handler. The manipulation of the argument parameter leads to os command injection. The attack can be initiated remotely...

CVE-2022-3492

CVE-2022-3492 concerns SourceCodester Human Resource Management System 1.0, specifically the Profile Photo Handler component. The core issue is the manipulation of an argument parameter that enables an OS command injection, with a remote attack surface. Several connected sources reiterate the vul...

PT-2022-22439 · Sourcecodester · Sourcecodester Human Resource Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Human Resource Management System version 1.0 Description: A problematic issue has been found in the Add Employee Handler component, where the manipulation of the First Name/Middle Name/Last Name argument leads to cross-site...