Lucene search
K
IwcnetworkBiometric Shift Employee Management System

7 matches found

CVE
CVE
added 2017/12/30 4:0 a.m.58 views

CVE-2017-17993

Biometric Shift Employee Management System is affected by a cross-site scripting (XSS) vulnerability exposed via the amount parameter in the index.php?user=addition_deduction request. NVD records show XSS with CVSS v2 base score 3.5 (LOW) and a CVSS v3 base score of 5.4 (MEDIUM); attack vector is...

5.4CVSS5.2AI score0.00542EPSS
CVE
CVE
added 2017/12/30 4:0 a.m.56 views

CVE-2017-17990

Biometric Shift Employee Management System is affected by a CSRF vulnerability in the edit_holiday action controlled by index.php. The issue originates fromCross-Site Request Forgery via the edit_holiday operation, enabling unauthorized requests to potentially change holiday data. The CVE entry c...

8.8CVSS8.6AI score0.00509EPSS
CVE
CVE
added 2017/12/30 4:0 a.m.53 views

CVE-2017-17992

Biometric Shift Employee Management System is affected by CVE-2017-17992 due to a directory traversal vulnerability in the download_form action. The root cause is lack of validation in the index.php form_file_name parameter, enabling arbitrary file download. Public records note network exposure w...

9.8CVSS9.3AI score0.01758EPSS
CVE
CVE
added 2017/12/30 4:0 a.m.52 views

CVE-2017-17994

Biometric Shift Employee Management System has an XSS vulnerability in the criteria parameter accessible via index.php?user=competency_criteria. The issue is a cross-site scripting flaw described in CNVD-2018-01396 and corroborated by related records, allowing injected scripts to be executed in a...

5.4CVSS5.2AI score0.00542EPSS
CVE
CVE
added 2017/12/30 4:0 a.m.51 views

CVE-2017-17995

Biometric Shift Employee Management System is affected by a stored/reflected XSS via the Last_Name parameter in the index.php?user=ajax request. The issue, reported across multiple sources (NVD/CNVD/CVELIST, etc.), is caused by improper sanitization of user-supplied input leading to script inject...

5.4CVSS5.2AI score0.00542EPSS
CVE
CVE
added 2017/12/30 4:0 a.m.48 views

CVE-2017-17989

The vulnerability described for CVE-2017-17989 affects the Biometric Shift Employee Management System. The issue is a Cross-Site Scripting (XSS) flaw that can be triggered via the index.php holiday_name parameter in the edit_holiday action. According to the available data, this is the scope, with...

5.4CVSS5.2AI score0.00542EPSS
CVE
CVE
added 2017/12/30 4:0 a.m.47 views

CVE-2017-17991

CVE-2017-17991 affects Biometric Shift Employee Management System, with a stored/reflected XSS in the expense_name parameter of the index.php?user=expenses request. Documents confirm XSS vulnerability but do not provide exploit details, affected versions, or remediation steps.

5.4CVSS5.2AI score0.00542EPSS