VYPR
Vendor

Employee Records System

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2019-20183HigJan 9, 2020
    risk 0.47cvss 7.2epss 0.08

    uploadimage.php in Employee Records System 1.0 allows upload and execution of arbitrary PHP code because file-extension validation is only on the client side. The attacker can modify global.js to allow the .php extension.

  • CVE-2021-4462Nov 10, 2025
    risk 0.02cvss epss 0.03

    Employee Records System version 1.0 contains an unrestricted file upload vulnerability that allows a remote unauthenticated attacker to upload arbitrary files via the uploadID.php endpoint; uploaded files can be executed because the application does not perform proper…