Leave Management System
by Leave Management System Project
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-44482 | Hig | 0.57 | 8.8 | 0.01 | Dec 21, 2023 | Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setsickleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database. | ||
| CVE-2023-44481 | Hig | 0.57 | 8.8 | 0.01 | Dec 21, 2023 | Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setearnleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database. | ||
| CVE-2023-44480 | Hig | 0.57 | 8.8 | 0.01 | Oct 27, 2023 | Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setcasualleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database. | ||
| CVE-2022-30931 | Med | 0.42 | 6.5 | 0.01 | Jun 14, 2022 | Employee Leaves Management System (ELMS) V 2.1 is vulnerable to Cross Site Request Forgery (CSRF) via /myprofile.php. |
- risk 0.57cvss 8.8epss 0.01
Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setsickleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database.
- risk 0.57cvss 8.8epss 0.01
Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setearnleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database.
- risk 0.57cvss 8.8epss 0.01
Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setcasualleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database.
- risk 0.42cvss 6.5epss 0.01
Employee Leaves Management System (ELMS) V 2.1 is vulnerable to Cross Site Request Forgery (CSRF) via /myprofile.php.