Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Online Leave Management System ProjectOnline Leave Management System1.0

12 matches found

CVE
CVEadded 2022/10/07 7:15 p.m.52 views

CVE-2022-41379

An arbitrary file upload vulnerability in the component /leave_system/classes/Users.php?f=save of Online Leave Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.

7.2CVSS7.2AI score0.00106EPSS
CVE
CVEadded 2022/09/12 11:15 p.m.48 views

CVE-2022-38303

Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /employees/manage_leave_type.php.

7.2CVSS7.2AI score0.00086EPSS
CVE
CVEadded 2022/11/17 9:15 p.m.47 views

CVE-2022-43179

Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /admin/?page=user/manage_user&id=.

7.2CVSS7.2AI score0.00068EPSS
CVE
CVEadded 2022/09/26 1:15 p.m.43 views

CVE-2022-40926

Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_leave_type.

7.2CVSS7.3AI score0.00086EPSS
CVE
CVEadded 2022/12/07 2:15 a.m.42 views

CVE-2022-45008

Online Leave Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /leave_system/admin/?page=maintenance/department. This vulnerability allows attackers to execute arbitrary web scripts or HTML via crafted payload injected into the Name ...

4.8CVSS5AI score0.00069EPSS
CVE
CVEadded 2022/09/26 1:15 p.m.41 views

CVE-2022-40927

Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_designation.

7.2CVSS7.3AI score0.00086EPSS
CVE
CVEadded 2022/09/12 11:15 p.m.40 views

CVE-2022-38302

Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /maintenance/manage_department.php.

7.2CVSS7.2AI score0.00086EPSS
CVE
CVEadded 2022/09/26 1:15 p.m.39 views

CVE-2022-40928

Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_application.

7.2CVSS7.3AI score0.00086EPSS
CVE
CVEadded 2022/12/07 2:15 a.m.38 views

CVE-2022-45009

Online Leave Management System v1.0 was discovered to contain an arbitrary file upload vulnerability at /leave_system/classes/SystemSettings.php?f=update_settings. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.

7.2CVSS7.3AI score0.002EPSS
CVE
CVEadded 2022/09/12 11:15 p.m.37 views

CVE-2022-38304

Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /maintenance/manage_leave_type.php.

7.2CVSS7.2AI score0.00086EPSS
CVE
CVEadded 2022/01/21 8:15 p.m.36 views

CVE-2021-40595

SQL injection vulnerability in Sourcecodester Online Leave Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter to /leave_system/classes/Login.php.

9.8CVSS9.9AI score0.00578EPSS
CVE
CVEadded 2022/10/06 8:15 p.m.29 views

CVE-2022-41355

Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /leave_system/classes/Master.php?f=delete_department.

7.2CVSS7.2AI score0.00072EPSS