Phpgurukul: >> Employee Record Management System >> 1.2 Security Vulnerabilities
Employee Record Management System v 1.2 is vulnerable to SQL Injection via editempprofile.php.
CVSS Score
9.8
EPSS Score
0.006
Published
2022-10-28
Employee Record Management System v 1.2 is vulnerable to Cross Site Scripting (XSS) via editempprofile.php.
CVSS Score
5.4
EPSS Score
0.005
Published
2022-10-28
Directory traversal vulnerability in /admin/includes/* directory for PHPGURUKUL Employee Record Management System 1.2 The attacker can retrieve and download sensitive information from the vulnerable server.
CVSS Score
7.5
EPSS Score
0.006
Published
2021-12-13
SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System 1.2 via index.php. An attacker can log in as an admin account of this system and can destroy, change or manipulate all sensitive information on the system.
CVSS Score
9.8
EPSS Score
0.001
Published
2021-12-13
SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management System 1.2 via the Email POST parameter in /forgetpassword.php.
CVSS Score
9.8
EPSS Score
0.015
Published
2021-12-01