Mayurik

Best Employee Management System

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-44185

Exploit
  • EPSS 0.04%
  • Veröffentlicht 15.05.2025 00:00:00
  • Zuletzt bearbeitet 28.05.2025 14:29:42

SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Request Forgery (CSRF) in /admin/change_pass.php via the password parameter.

4.8

CVE-2025-44184

Exploit
  • EPSS 0.06%
  • Veröffentlicht 14.05.2025 00:00:00
  • Zuletzt bearbeitet 28.05.2025 14:31:39

SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the website_image, fname, lname, contact, username, and address parameters.

5.4

CVE-2025-44186

Exploit
  • EPSS 0.04%
  • Veröffentlicht 14.05.2025 00:00:00
  • Zuletzt bearbeitet 27.05.2025 14:19:07

SourceCodester Best Employee Management System 1.0 is vulnerable to Cross Site Request Forgery (CSRF) in /admin/Operation/User.php page.

9.8

CVE-2025-2046

Exploit
  • EPSS 0.12%
  • Veröffentlicht 06.03.2025 22:15:36
  • Zuletzt bearbeitet 29.04.2025 15:15:26

A vulnerability was found in SourceCodester Best Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/print1.php. The manipulation of the argument id leads to sql injection...

4.3

CVE-2025-1607

Exploit
  • EPSS 0.03%
  • Veröffentlicht 24.02.2025 01:15:09
  • Zuletzt bearbeitet 14.05.2025 21:17:49

A vulnerability, which was classified as problematic, has been found in SourceCodester Best Employee Management System 1.0. This issue affects some unknown processing of the file /admin/salary_slip.php. The manipulation of the argument id leads to au...

7.5

CVE-2025-1606

Exploit
  • EPSS 0.11%
  • Veröffentlicht 24.02.2025 00:15:09
  • Zuletzt bearbeitet 28.02.2025 18:33:35

A vulnerability classified as problematic was found in SourceCodester Best Employee Management System 1.0. This vulnerability affects unknown code of the file /admin/backup/backups.php. The manipulation leads to information disclosure. The attack can...

9.8

CVE-2025-1593

  • EPSS 0.16%
  • Veröffentlicht 23.02.2025 20:15:09
  • Zuletzt bearbeitet 28.02.2025 18:33:35

A vulnerability classified as critical has been found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /_hr_soft/assets/uploadImage/Profile/ of the component Profile Picture Handler. The manipulation lea...

6.1

CVE-2025-1592

  • EPSS 0.08%
  • Veröffentlicht 23.02.2025 20:15:08
  • Zuletzt bearbeitet 28.02.2025 18:33:35

A vulnerability was found in SourceCodester Best Employee Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/Operations/Role.php of the component Add Role Page. The manipul...

8.1

CVE-2025-0802

Exploit
  • EPSS 0.04%
  • Veröffentlicht 29.01.2025 02:15:27
  • Zuletzt bearbeitet 10.02.2025 14:06:03

A vulnerability classified as critical was found in SourceCodester Best Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/View_user.php of the component Administrative Endpoint. The manipula...

7.2

CVE-2024-11213

Exploit
  • EPSS 0.1%
  • Veröffentlicht 14.11.2024 16:15:18
  • Zuletzt bearbeitet 19.11.2024 15:48:58

A vulnerability, which was classified as critical, was found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /admin/edit_role.php. The manipulation of the argument id leads to sql injection. It is possi...