Filtered by vendor Walterjnr1 Subscriptions
Filtered by product Employee Management System Subscriptions

Search

Switch to Advanced Search (Beta)
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-28595 1 Walterjnr1 1 Employee Management System 2025-05-13 9.8 Critical
SQL Injection vulnerability in Employee Management System v1.0 allows attackers to run arbitrary SQL commands via the admin_id parameter in update-admin.php.
CVE-2024-25325 1 Walterjnr1 1 Employee Management System 2025-05-12 7.1 High
SQL injection vulnerability in Employee Management System v.1.0 allows a local attacker to obtain sensitive information via a crafted payload to the txtemail parameter in the login.php.
CVE-2024-25239 2 Sourcecodester, Walterjnr1 2 Employee Management System, Employee Management System 2025-04-30 9.8 Critical
SQL Injection vulnerability in Sourcecodester Employee Management System v1.0 allows attackers to run arbitrary SQL commands via crafted POST request to /emloyee_akpoly/Account/login.php.
CVE-2024-1833 2 Sourcecodester, Walterjnr1 2 Employee Management System, Employee Management System 2025-04-05 7.3 High
A vulnerability was found in SourceCodester Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /Account/login.php. The manipulation of the argument txtusername/txtphone leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-2394 1 Walterjnr1 1 Employee Management System 2025-02-26 4.7 Medium
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Admin/add-admin.php. The manipulation of the argument avatar leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-256454 is the identifier assigned to this vulnerability.