Employee Management System
by Campcodes
CVEs (24)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-23022 | 0.00 | — | 0.00 | May 1, 2024 | Cross site scripting (XSS) vulnerability in sourcecodester oretnom23 employee's payroll management system 1.0, allows attackers to execute arbitrary code via the code, title, from_date and to_date inputs in file Main.php. | |||
| CVE-2024-25239 | 0.00 | — | 0.01 | Feb 29, 2024 | SQL Injection vulnerability in Sourcecodester Employee Management System v1.0 allows attackers to run arbitrary SQL commands via crafted POST request to /emloyee_akpoly/Account/login.php. | |||
| CVE-2024-1011 | 0.00 | — | 0.01 | Jan 29, 2024 | A vulnerability classified as problematic was found in SourceCodester Employee Management System 1.0. This vulnerability affects unknown code of the file delete-leave.php of the component Leave Handler. The manipulation of the argument id leads to improper access controls. The… | |||
| CVE-2024-1009 | 0.00 | — | 0.01 | Jan 29, 2024 | A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Admin/login.php. The manipulation of the argument txtusername leads to sql injection. The attack may be… |
- CVE-2023-23022May 1, 2024risk 0.00cvss —epss 0.00
Cross site scripting (XSS) vulnerability in sourcecodester oretnom23 employee's payroll management system 1.0, allows attackers to execute arbitrary code via the code, title, from_date and to_date inputs in file Main.php.
- CVE-2024-25239Feb 29, 2024risk 0.00cvss —epss 0.01
SQL Injection vulnerability in Sourcecodester Employee Management System v1.0 allows attackers to run arbitrary SQL commands via crafted POST request to /emloyee_akpoly/Account/login.php.
- CVE-2024-1011Jan 29, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as problematic was found in SourceCodester Employee Management System 1.0. This vulnerability affects unknown code of the file delete-leave.php of the component Leave Handler. The manipulation of the argument id leads to improper access controls. The…
- CVE-2024-1009Jan 29, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Admin/login.php. The manipulation of the argument txtusername leads to sql injection. The attack may be…
Page 2 of 2