Employee Management System Security Vulnerabilities and Issues — Employee Management System CVE List

Lucene search

Employee Management System ProjectEmployee Management System

8 matches found

CVE•added 2024/03/19 8:15 p.m.•50 views

CVE-2024-28595

SQL Injection vulnerability in Employee Management System v1.0 allows attackers to run arbitrary SQL commands via the admin_id parameter in update-admin.php.

9.8CVSS8.2AI score0.00534EPSS

CVE•added 2022/08/09 7:15 a.m.•42 views

CVE-2022-2724

A vulnerability was found in SourceCodester Employee Management System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /process/aprocess.php. The manipulation of the argument mailuid leads to sql injection. The attack can be launched remotel...

9.8CVSS8.3AI score0.0011EPSS

CVE•added 2022/08/09 7:15 a.m.•41 views

CVE-2022-2723

A vulnerability was found in SourceCodester Employee Management System. It has been classified as critical. Affected is an unknown function of the file /process/eprocess.php. The manipulation of the argument mailuid/pwd leads to sql injection. It is possible to launch the attack remotely. The explo...

9.8CVSS8.4AI score0.0011EPSS

CVE•added 2022/08/09 7:15 a.m.•40 views

CVE-2022-2715

A vulnerability has been found in SourceCodester Employee Management System and classified as critical. This vulnerability affects unknown code of the file eloginwel.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed...

9.8CVSS8.4AI score0.00052EPSS

CVE•added 2024/01/29 5:15 p.m.•32 views

CVE-2024-1011

A vulnerability classified as problematic was found in SourceCodester Employee Management System 1.0. This vulnerability affects unknown code of the file delete-leave.php of the component Leave Handler. The manipulation of the argument id leads to improper access controls. The attack can be initiat...

8.8CVSS8.7AI score0.00163EPSS

CVE•added 2024/10/11 4:15 p.m.•32 views

CVE-2024-48813

SQL injection vulnerability in employee-management-system-php-and-mysql-free-download.html taskmatic 1.0 allows a remote attacker to execute arbitrary code via the admin_id parameter of the /update-employee.php component.

8.8CVSS8.7AI score0.00499EPSS

CVE•added 2024/01/29 5:15 p.m.•31 views

CVE-2024-1009

A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Admin/login.php. The manipulation of the argument txtusername leads to sql injection. The attack may be launched remotely. The...

9.8CVSS9.6AI score0.00081EPSS

CVE•added 2024/01/29 5:15 p.m.•30 views

CVE-2024-1010

A vulnerability classified as problematic has been found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file edit-profile.php. The manipulation of the argument fullname/phone/date of birth/address/date of appointment leads to cross site scripting. It is possib...

5.4CVSS5.3AI score0.00155EPSS