Employee Record Management System Security Vulnerabilities
SQL injection vulnerability in PHPGurukul Employee Record Management System 1.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication.
9.8CVSS
9.9AI Score
0.01EPSS
Employee Record Management System v 1.2 is vulnerable to Cross Site Scripting (XSS) via editempprofile.php.
5.4CVSS
5.3AI Score
0.001EPSS
Employee Record Management System v 1.2 is vulnerable to SQL Injection via editempprofile.php.
9.8CVSS
9.7AI Score
0.002EPSS
SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management System 1.2 via the Email POST parameter in /forgetpassword.php.
9.8CVSS
9.8AI Score
0.017EPSS
Directory traversal vulnerability in /admin/includes/* directory for PHPGURUKUL Employee Record Management System 1.2 The attacker can retrieve and download sensitive information from the vulnerable server.
7.5CVSS
7.4AI Score
0.005EPSS
SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System 1.2 via index.php. An attacker can log in as an admin account of this system and can destroy, change or manipulate all sensitive information on the system.
9.8CVSS
9.8AI Score
0.002EPSS
A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file changepassword.php. The manipulation of the argument newpassword/confirmpassword leads to weak password requirem...
9.1CVSS
9.2AI Score
0.001EPSS