Filtered by vendor Skittles
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-4462 | 2 Employee Records System Project, Skittles | 2 Employee Records System, Employee Records System | 2025-11-24 | 9.8 Critical |
| Employee Records System version 1.0 contains an unrestricted file upload vulnerability that allows a remote unauthenticated attacker to upload arbitrary files via the uploadID.php endpoint; uploaded files can be executed because the application does not perform proper server-side validation. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-06 UTC. | ||||
Page 1 of 1.