VYPR

Best Employee Management System

by Sourcecodester

CVEs (12)

  • CVE-2025-0802HigJan 29, 2025
    risk 0.47cvss 7.3epss 0.01

    A vulnerability classified as critical was found in SourceCodester Best Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/View_user.php of the component Administrative Endpoint. The manipulation leads to improper access…

  • CVE-2025-2046MedMar 6, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in SourceCodester Best Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/print1.php. The manipulation of the argument id leads to sql injection. The attack may be launched…

  • CVE-2024-11212MedNov 14, 2024
    risk 0.41cvss 6.3epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester Best Employee Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/fetch_product_details.php. The manipulation of the argument barcode leads to sql…

  • CVE-2025-44185MedMay 15, 2025
    risk 0.35cvss 5.4epss 0.00

    SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Request Forgery (CSRF) in /admin/change_pass.php via the password parameter.

  • CVE-2025-44186MedMay 14, 2025
    risk 0.35cvss 5.4epss 0.00

    SourceCodester Best Employee Management System 1.0 is vulnerable to Cross Site Request Forgery (CSRF) in /admin/Operation/User.php page.

  • CVE-2025-44184MedMay 14, 2025
    risk 0.31cvss 4.8epss 0.00

    SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the website_image, fname, lname, contact, username, and address parameters.

  • CVE-2025-1593MedFeb 23, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability classified as critical has been found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /_hr_soft/assets/uploadImage/Profile/ of the component Profile Picture Handler. The manipulation leads to unrestricted upload. It…

  • CVE-2024-11214MedNov 14, 2024
    risk 0.31cvss 4.7epss 0.01

    A vulnerability has been found in SourceCodester Best Employee Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation of the argument website_image leads to unrestricted upload. The attack can be…

  • CVE-2024-11213MedNov 14, 2024
    risk 0.31cvss 4.7epss 0.01

    A vulnerability, which was classified as critical, was found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /admin/edit_role.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack…

  • CVE-2025-1607MedFeb 24, 2025
    risk 0.28cvss 4.3epss 0.01

    A vulnerability, which was classified as problematic, has been found in SourceCodester Best Employee Management System 1.0. This issue affects some unknown processing of the file /admin/salary_slip.php. The manipulation of the argument id leads to authorization bypass. The…

  • CVE-2025-1606MedFeb 24, 2025
    risk 0.28cvss 4.3epss 0.01

    A vulnerability classified as problematic was found in SourceCodester Best Employee Management System 1.0. This vulnerability affects unknown code of the file /admin/backup/backups.php. The manipulation leads to information disclosure. The attack can be initiated remotely. The…

  • CVE-2025-1592LowFeb 23, 2025
    risk 0.16cvss 2.4epss 0.00

    A vulnerability was found in SourceCodester Best Employee Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/Operations/Role.php of the component Add Role Page. The manipulation of the argument…