VYPR

Human Resource Management System

by Angeljudesuarez

CVEs (33)

  • CVE-2025-13421HigNov 19, 2025
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in itsourcecode Human Resource Management System 1.0. Impacted is an unknown function of the file /src/store/NoticeStore.php. Such manipulation of the argument noticeDesc leads to sql injection. The attack can be launched remotely. The…

  • CVE-2025-13420HigNov 19, 2025
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in itsourcecode Human Resource Management System 1.0. This issue affects some unknown processing of the file /src/store/EventStore.php. This manipulation of the argument eventSubject causes sql injection. The attack can be initiated remotely. The…

  • CVE-2025-10197MedSep 10, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in HJSoft HCM Human Resources Management System up to 20250822. Affected by this vulnerability is an unknown functionality of the file /templates/attestation/../../selfservice/lawresource/downlawbase. Performing manipulation of the argument ID results…

  • CVE-2025-40685Jul 29, 2025
    risk 0.00cvss epss 0.00

    Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the 'searcstate' parameter in/state.php.

  • CVE-2025-40684Jul 29, 2025
    risk 0.00cvss epss 0.00

    Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the 'searccountry' parameter in/country.php.

  • CVE-2025-40682Jul 29, 2025
    risk 0.00cvss epss 0.00

    SQL injection vulnerability in Human Resource Management System version 1.0, which allows an attacker to retrieve, create, update and delete databases via the “city” and “state” parameters in the /controller/ccity.php endpoint.

  • CVE-2025-3384Apr 7, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in 1000 Projects Human Resource Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /controller/employee.php. The manipulation of the argument email leads to sql injection. It is possible to launch the…

  • CVE-2025-2590Mar 21, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in code-projects Human Resource Management System 1.0.1. It has been classified as problematic. Affected is the function UpdateRecruitmentById of the file \handler\recruitment.go. The manipulation of the argument c leads to cross site scripting. It is…

  • CVE-2025-2589Mar 21, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in code-projects Human Resource Management System 1.0.1 and classified as critical. This issue affects the function Index of the file \handler\Account.go. The manipulation of the argument user_cookie leads to improper authorization. The exploit has been…

  • CVE-2024-13006Dec 29, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in 1000 Projects Human Resource Management System 1.0. This issue affects some unknown processing of the file /employeeview.php. The manipulation of the argument search leads to sql injection. The attack may be…

  • CVE-2024-35469May 30, 2024
    risk 0.00cvss epss 0.01

    A SQL injection vulnerability in /hrm/user/ in SourceCodester Human Resource Management System 1.0 allows attackers to execute arbitrary SQL commands via the password parameter.

  • CVE-2024-35468May 30, 2024
    risk 0.00cvss epss 0.00

    A SQL injection vulnerability in /hrm/index.php in SourceCodester Human Resource Management System 1.0 allows attackers to execute arbitrary SQL commands via the password parameter.

  • CVE-2024-34221May 13, 2024
    risk 0.00cvss epss 0.01

    Sourcecodester Human Resource Management System 1.0 is vulnerable to Insecure Permissions resulting in privilege escalation.

  • CVE-2024-34222May 13, 2024
    risk 0.00cvss epss 0.00

    Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injection via the searccountry parameter.

  • CVE-2024-34223May 13, 2024
    risk 0.00cvss epss 0.00

    Insecure permission vulnerability in /hrm/leaverequest.php in SourceCodester Human Resource Management System 1.0 allow attackers to approve or reject leave ticket.

  • CVE-2024-34220May 9, 2024
    risk 0.00cvss epss 0.01

    Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injection via the 'leave' parameter.

  • CVE-2023-3391Jun 23, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file detailview.php. The manipulation of the argument employeeid leads to sql injection. The attack can be initiated…

  • CVE-2022-4279Dec 3, 2022
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic has been found in SourceCodester Human Resource Management System 1.0. Affected is an unknown function of the file /hrm/employeeview.php. The manipulation of the argument search leads to cross site scripting. It is possible to launch the…

  • CVE-2022-4278Dec 3, 2022
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /hrm/employeeadd.php. The manipulation of the argument empid leads to sql injection. The attack may be…

  • CVE-2022-4273Dec 3, 2022
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester Human Resource Management System 1.0. This issue affects some unknown processing of the file /hrm/controller/employee.php of the component Content-Type Handler. The manipulation of the argument…

Page 1 of 2