Lucene search
K
CampcodesPayroll Management System

11 matches found

CVE
CVE
added 2025/06/28 9:0 p.m.33 views

CVE-2025-6826

The CVE-2025-6826 entry concerns code-projects Payroll Management System 1.0 where the vulnerability resides in /Payroll_Management_System/ajax.php?action=save_department. The root cause is an SQL injection caused by manipulation of the ID parameter, enabling remote exploitation. Public disclosur...

9.8CVSS7.5AI score0.00399EPSS
Web
CVE
CVE
added 2025/07/09 6:2 a.m.32 views

CVE-2025-7219

CVE-2025-7219 affects Campcodes Payroll Management System 1.0. The vulnerability is a SQL injection in an unknown function of /ajax.php?action=delete_allowances, exploitable remotely via the ID parameter. The issue is described as critical/high depending on source (remote, low user interaction) w...

9.8CVSS7.6AI score0.00396EPSS
CVE
CVE
added 2025/07/09 5:2 a.m.30 views

CVE-2025-7217

CVE-2025-7217 affects Campcodes Payroll Management System 1.0. The vulnerability resides in unknown code within /ajax.php?action=save_position, where manipulating the ID parameter triggers a SQL injection. It is exploitable remotely and the exploit has been publicly disclosed. Multiple feeds clas...

9.8CVSS7.8AI score0.00396EPSS
CVE
CVE
added 2025/07/07 1:2 p.m.29 views

CVE-2025-7129

CVE-2025-7129 affects Campcodes Payroll Management System the 1.0 release. The vulnerability stems from improper handling of the ID argument in the endpoint /ajax.php?action=delete_employee_attendance_single, enabling SQL injection and potentially allowing remote exploitation. Multiple connected ...

9.8CVSS7.5AI score0.00454EPSS
CVE
CVE
added 2025/07/07 1:32 p.m.28 views

CVE-2025-7130

Campcodes Payroll Management System 1.0 contains a remote SQL injection in /ajax.php?action=delete_payroll via manipulated ID parameter. The vulnerability is documented as critical with potential high impact on confidentiality, integrity, and availability. Exploitation is reported as possible and...

9.8CVSS7.6AI score0.00454EPSS
CVE
CVE
added 2025/07/07 2:2 p.m.28 views

CVE-2025-7131

Campcodes Payroll Management System 1.0 is affected by a SQL injection in /ajax.php?action=save_employee_attendance via manipulation of the employee_id parameter. The vulnerability allows remote exploitation, with public disclosures noted. Root cause: improper handling of input in the save_employ...

9.8CVSS7.5AI score0.00454EPSS
CVE
CVE
added 2025/07/07 2:32 p.m.25 views

CVE-2025-7132

CVE-2025-7132 affects Campcodes Payroll Management System 1.0. The vulnerability is in the /ajax.php?action=save_payroll endpoint, where manipulation of the ID argument enables SQL injection. Exploitation is described as possible remotely, with public disclosure of the exploit. The connected docu...

9.8CVSS7.4AI score0.00454EPSS
CVE
CVE
added 2025/07/09 5:32 a.m.25 views

CVE-2025-7218

The CVE-2025-7218 entry concerns Campcodes Payroll Management System 1.0 with a SQL injection vulnerability in the file /ajax.php?action=delete_position caused by improper handling of the ID parameter. The issue is exploitable remotely and publicly disclosed. Affected component: the web endpoint ...

9.8CVSS7.5AI score0.00396EPSS
CVE
CVE
added 2025/07/09 6:32 a.m.25 views

CVE-2025-7220

CVE-2025-7220 concerns Campcodes Payroll Management System 1.0. The vulnerability is an unauthenticated SQL injection in the unknown function reachable via the file /ajax.php?action=save_deductions, caused by manipulation of the parameter ID. It is exploitable remotely, and public disclosures/exp...

9.8CVSS7.5AI score0.00396EPSS
CVE
CVE
added 2025/07/07 12:32 p.m.24 views

CVE-2025-7128

CVE-2025-7128 affects Campcodes Payroll Management System 1.0. The vulnerability stems from improper handling of the ID parameter in /ajax.php?action=calculate_payroll, enabling remote SQL injection. Multiple sources confirm the attack is network-proximate with high-impact potential (confidential...

9.8CVSS7.5AI score0.00454EPSS
CVE
CVE
added 2025/08/27 1:32 p.m.21 views

CVE-2025-9529

CVE-2025-9529 affects Campcodes Payroll Management System 1.0. The vulnerability is a remote file inclusion caused by manipulating the page argument in the /index.php include function. Multiple sources confirm this weakness and remote exploitation is possible, with public exploits available. No s...

7.5CVSS7.2AI score0.00492EPSS