Vulnerability Details CVE-2022-28006
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\employee_delete.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.3%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
- https://github.com/k0xx11/bug_report/blob/main/bug_a/README.md
- https://www.sourcecodester.com/php/12268/attendance-and-payroll-system-using-php.html
- https://www.sourcecodester.com/sites/default/files/download/oretnom23/apsystem.zip
- https://github.com/k0xx11/bug_report/blob/main/bug_a/README.md
- https://www.sourcecodester.com/php/12268/attendance-and-payroll-system-using-php.html
- https://www.sourcecodester.com/sites/default/files/download/oretnom23/apsystem.zip
Products affected by CVE-2022-28006
-
cpe:2.3:a:attendance_and_payroll_system_project:attendance_and_payroll_system:1.0