Oretnom23

Human Resource Management System

29 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-34220

Exploit
  • EPSS 0.42%
  • Veröffentlicht 14.05.2024 15:38:35
  • Zuletzt bearbeitet 18.04.2025 16:23:57

Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injection via the 'leave' parameter.

9.8

CVE-2023-3391

Exploit
  • EPSS 0.05%
  • Veröffentlicht 23.06.2023 16:15:09
  • Zuletzt bearbeitet 21.11.2024 08:17:10

A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file detailview.php. The manipulation of the argument employeeid leads to sql injection...

6.1

CVE-2022-4279

Exploit
  • EPSS 0.31%
  • Veröffentlicht 03.12.2022 18:15:10
  • Zuletzt bearbeitet 21.11.2024 07:34:55

A vulnerability classified as problematic has been found in SourceCodester Human Resource Management System 1.0. Affected is an unknown function of the file /hrm/employeeview.php. The manipulation of the argument search leads to cross site scripting....

7.2

CVE-2022-4278

Exploit
  • EPSS 0.31%
  • Veröffentlicht 03.12.2022 18:15:10
  • Zuletzt bearbeitet 21.11.2024 07:34:55

A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /hrm/employeeadd.php. The manipulation of the argument empid leads to sql injectio...

9.8

CVE-2022-4273

Exploit
  • EPSS 0.36%
  • Veröffentlicht 03.12.2022 09:15:10
  • Zuletzt bearbeitet 21.11.2024 07:34:55

A vulnerability, which was classified as critical, has been found in SourceCodester Human Resource Management System 1.0. This issue affects some unknown processing of the file /hrm/controller/employee.php of the component Content-Type Handler. The m...

6.1

CVE-2022-45218

  • EPSS 0.25%
  • Veröffentlicht 25.11.2022 17:15:11
  • Zuletzt bearbeitet 21.11.2024 07:28:58

Human Resource Management System v1.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability. This vulnerability is triggered via a crafted payload injected into an authentication error message.

9.8

CVE-2022-43262

Exploit
  • EPSS 0.25%
  • Veröffentlicht 16.11.2022 15:15:16
  • Zuletzt bearbeitet 21.11.2024 07:26:09

Human Resource Management System v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /hrm/controller/login.php.

8.8

CVE-2022-43318

Exploit
  • EPSS 0.24%
  • Veröffentlicht 07.11.2022 15:15:10
  • Zuletzt bearbeitet 21.11.2024 07:26:16

Human Resource Management System v1.0 was discovered to contain a SQL injection vulnerability via the stateedit parameter at /hrm/state.php.

6.1

CVE-2022-43317

Exploit
  • EPSS 0.34%
  • Veröffentlicht 07.11.2022 15:15:10
  • Zuletzt bearbeitet 21.11.2024 07:26:16

A cross-site scripting (XSS) vulnerability in /hrm/index.php?msg of Human Resource Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

5.4

CVE-2022-3502

Exploit
  • EPSS 0.31%
  • Veröffentlicht 14.10.2022 11:15:09
  • Zuletzt bearbeitet 21.11.2024 07:19:39

A vulnerability was found in Human Resource Management System 1.0. It has been classified as problematic. This affects an unknown part of the component Leave Handler. The manipulation of the argument Reason leads to cross site scripting. It is possib...