Filtered by vendor Code-projects
Subscribe
Filtered by product Human Resource Integrated System
Subscribe
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-9740 | 1 Code-projects | 1 Human Resource Integrated System | 2025-09-03 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in code-projects Human Resource Integrated System 1.0. This affects an unknown part of the file /log_query.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used. | |||||
| CVE-2025-9741 | 1 Code-projects | 1 Human Resource Integrated System | 2025-09-03 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was determined in code-projects Human Resource Integrated System 1.0. This vulnerability affects unknown code of the file /login_query12.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2025-9742 | 1 Code-projects | 1 Human Resource Integrated System | 2025-09-03 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was identified in code-projects Human Resource Integrated System 1.0. This issue affects some unknown processing of the file /login.php. Such manipulation of the argument user/pass leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used. | |||||
| CVE-2025-9743 | 1 Code-projects | 1 Human Resource Integrated System | 2025-09-03 | 7.5 HIGH | 7.3 HIGH |
| A security flaw has been discovered in code-projects Human Resource Integrated System 1.0. Impacted is an unknown function of the file login_attendance2.php. Performing manipulation of the argument employee_id/date results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. | |||||
| CVE-2024-0469 | 1 Code-projects | 1 Human Resource Integrated System | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in code-projects Human Resource Integrated System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file update_personal_info.php. The manipulation of the argument sex leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-250574 is the identifier assigned to this vulnerability. | |||||