Lucene search
K

11 matches found

NVD
NVD
added 2026/06/08 12:16 p.m.13 views

CVE-2026-11506

A vulnerability has been found in CodeAstro Leave Management System 1.0. This impacts an unknown function of the file /admin/searchstafffordeletion.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to t...

6.5CVSS0.002EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/08 10:30 a.m.10 views

CVE-2026-11506 CodeAstro Leave Management System search_staff_for_deletion.php sql injection

A vulnerability has been found in CodeAstro Leave Management System 1.0. This impacts an unknown function of the file /admin/searchstafffordeletion.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to t...

6.5CVSS5.3AI score0.002EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-30374

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00526EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:52 a.m.4 views

CVE-2023-0761

The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack...

4.3CVSS5.7AI score0.00278EPSS
Exploits2References1
OSV
OSV
added 2023/10/25 6:17 p.m.5 views

CVE-2023-26579

Missing authentication in the DeleteStaff method in IDAttend’s IDWeb application 3.1.013 allows deletion of staff information by unauthenticated attackers...

5.3CVSS5.8AI score0.00526EPSS
Exploits0References1
Prion
Prion
added 2023/05/15 1:15 p.m.15 views

Cross site request forgery (csrf)

The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack...

4.3CVSS4.7AI score0.00278EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/15 12:15 p.m.7 views

CVE-2023-0761 Clock In Portal <= 2.1 - Staff Deletion via CSRF

The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack...

6.8AI score0.00278EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/05/15 12:15 p.m.14 views

CVE-2023-0761 Clock In Portal <= 2.1 - Staff Deletion via CSRF

The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack...

5AI score0.00278EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2023/05/15 12:0 a.m.7 views

PT-2023-16509 · WordPress · Clock In Portal- Staff & Attendance Management

Name of the Vulnerable Software and Affected Versions: The Clock In Portal- Staff & Attendance Management WordPress plugin versions 2.1 and earlier Description: The issue is related to the lack of a CSRF check when deleting staff members, which could allow attackers to make logged-in admins delet...

4.3CVSS9.3AI score0.00278EPSS
Exploits2References6
WPVulnDB
WPVulnDB
added 2023/04/18 12:0 a.m.15 views

Clock In Portal <= 2.1 - Staff Deletion via CSRF

The plugin does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack PoC Make a logged in admin open a page with the code below, this will make them delete the Staff with ID 1...

4.3CVSS8.4AI score0.00278EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2023/04/18 12:0 a.m.182 views

Clock In Portal <= 2.1 - Staff Deletion via CSRF

The plugin does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack Make a logged in admin open a page with the code below, this will make them delete the Staff with ID 1...

4.3CVSS8.5AI score0.00278EPSS
Exploits2
Rows per page
Query Builder