VYPR

Attendance and Payroll System

by Sourcecodester

CVEs (10)

  • CVE-2021-44087Mar 17, 2022
    risk 0.02cvss epss 0.05

    A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows an unauthenticated remote attacker to upload a maliciously crafted PHP via photo upload.

  • CVE-2024-10422Oct 27, 2024
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as critical, has been found in SourceCodester Attendance and Payroll System 1.0. This issue affects some unknown processing of the file /admin/overtime_add.php. The manipulation of the argument id leads to sql injection. The attack may be…

  • CVE-2024-10421Oct 27, 2024
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical was found in SourceCodester Attendance and Payroll System 1.0. This vulnerability affects unknown code of the file /admin/overtime_row.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely.…

  • CVE-2024-10420Oct 27, 2024
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical has been found in SourceCodester Attendance and Payroll System 1.0. This affects the function upload of the file /marimar/guest/update.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the…

  • CVE-2022-28006Apr 21, 2022
    risk 0.00cvss epss 0.01

    Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\employee_delete.php.

  • CVE-2022-28012Apr 21, 2022
    risk 0.00cvss epss 0.01

    Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\position_delete.php.

  • CVE-2022-28014Apr 21, 2022
    risk 0.00cvss epss 0.01

    Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\attendance_edit.php.

  • CVE-2022-28019Apr 21, 2022
    risk 0.00cvss epss 0.01

    Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\employee_edit.php.

  • CVE-2022-28020Apr 21, 2022
    risk 0.00cvss epss 0.01

    Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\position_edit.php.

  • CVE-2021-44088Mar 17, 2022
    risk 0.00cvss epss 0.03

    An SQL Injection vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows a remote attacker to bypass authentication via unsanitized login parameters.