| CVE-2025-9743 | Hig | 0.47 | 7.3 | 0.00 | | Aug 31, 2025 | A security flaw has been discovered in code-projects Human Resource Integrated System 1.0. Impacted is an unknown function of the file login_attendance2.php. Performing manipulation of the argument employee_id/date results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. |
| CVE-2025-9742 | Hig | 0.47 | 7.3 | 0.00 | | Aug 31, 2025 | A vulnerability was identified in code-projects Human Resource Integrated System 1.0. This issue affects some unknown processing of the file /login.php. Such manipulation of the argument user/pass leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used. |
| CVE-2025-9741 | Hig | 0.47 | 7.3 | 0.00 | | Aug 31, 2025 | A vulnerability was determined in code-projects Human Resource Integrated System 1.0. This vulnerability affects unknown code of the file /login_query12.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. |
| CVE-2025-9740 | Hig | 0.47 | 7.3 | 0.00 | | Aug 31, 2025 | A vulnerability was found in code-projects Human Resource Integrated System 1.0. This affects an unknown part of the file /log_query.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used. |
