Action And Information Management System
by Oneorzero
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-37347 | Cri | 0.59 | 9.1 | 0.00 | Apr 16, 2026 | SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/view_employee.php. | ||
| CVE-2026-37346 | Med | 0.31 | 4.7 | 0.00 | Apr 16, 2026 | SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/view_account.php?emp_id=. | ||
| CVE-2012-0989 | 0.03 | — | 0.02 | Oct 1, 2012 | Cross-site scripting (XSS) vulnerability in OneOrZero AIMS 2.8.0 Trial Edition build231211 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. | |||
| CVE-2011-4215 | 0.00 | — | 0.01 | Nov 1, 2011 | SQL injection vulnerability in lib/ooz_access.php in OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the cookieName variable. | |||
| CVE-2011-4214 | 0.00 | — | 0.03 | Nov 1, 2011 | OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to bypass authentication and obtain administrator privileges via a crafted oozimsrememberme cookie. |
- risk 0.59cvss 9.1epss 0.00
SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/view_employee.php.
- risk 0.31cvss 4.7epss 0.00
SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/view_account.php?emp_id=.
- CVE-2012-0989Oct 1, 2012risk 0.03cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in OneOrZero AIMS 2.8.0 Trial Edition build231211 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.
- CVE-2011-4215Nov 1, 2011risk 0.00cvss —epss 0.01
SQL injection vulnerability in lib/ooz_access.php in OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the cookieName variable.
- CVE-2011-4214Nov 1, 2011risk 0.00cvss —epss 0.03
OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to bypass authentication and obtain administrator privileges via a crafted oozimsrememberme cookie.