2 matches found
CVE-2025-3536
CVE-2025-3536 affects Tutorials-Website Employee Management System 1.0. The vulnerability resides in the /admin/delete-user.php endpoint where manipulating the ID argument leads to improper authorization. The issue is exploitable remotely and the public exploit is available. No vendor response is...
CVE-2025-3537
CVE-2025-3537 affects Tutorials-Website Employee Management System v1.0. The vulnerability exists in an unknown portion of the file /admin/update-user.php, where manipulating the ID argument enables improper authorization and remote attack capability. Public disclosure of the exploit is noted, wi...