| CVE-2025-14222 | Med | 0.41 | 6.3 | 0.00 | | Dec 8, 2025 | A flaw has been found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file /print_personnel_report.php. This manipulation of the argument per_id causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used. |
| CVE-2025-14195 | Med | 0.41 | 6.3 | 0.00 | | Dec 7, 2025 | A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/add_file_query.php. The manipulation of the argument per_file results in unrestricted upload. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. |
| CVE-2025-14193 | Med | 0.41 | 6.3 | 0.00 | | Dec 7, 2025 | A vulnerability was determined in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file /view_personnel.php. Executing a manipulation of the argument per_id can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. |
| CVE-2025-14194 | Low | 0.23 | 3.5 | 0.00 | | Dec 7, 2025 | A vulnerability was identified in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file /view_personnel.php. The manipulation of the argument per_address/dr_school/other_school leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly available and might be used. |
