Iwcnetwork: >> Biometric Shift Employee Management System Security Vulnerabilities
Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action.
CVSS Score
5.4
EPSS Score
0.002
Published
2017-12-30
Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action.
CVSS Score
8.8
EPSS Score
0.001
Published
2017-12-30
Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request.
CVSS Score
5.4
EPSS Score
0.002
Published
2017-12-30
Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action.
CVSS Score
9.8
EPSS Score
0.008
Published
2017-12-30
Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request.
CVSS Score
5.4
EPSS Score
0.002
Published
2017-12-30
Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request.
CVSS Score
5.4
EPSS Score
0.002
Published
2017-12-30
Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request.
CVSS Score
5.4
EPSS Score
0.002
Published
2017-12-30