Vulnerabilities (CVE)

Filtered by vendor Phpgurukul Subscribe
Filtered by product Employee Management System
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-24497 1 Phpgurukul 1 Employee Management System 2024-02-12 N/A 9.8 CRITICAL
SQL Injection vulnerability in Employee Management System v.1.0 allows a remote attacker to execute arbitrary SQL commands via the txtusername and txtpassword parameters in the login.php components.
CVE-2024-24498 1 Phpgurukul 1 Employee Management System 2024-02-12 N/A 9.8 CRITICAL
Unrestricted File Upload vulnerability in Employee Management System 1.0 allows a remote attacker to execute arbitrary code via the edit-photo.php component.
CVE-2024-24499 1 Phpgurukul 1 Employee Management System 2024-02-12 N/A 9.8 CRITICAL
SQL Injection vulnerability in Employee Management System v.1.0 allows a remote attacker to execute arbitrary SQL commands via the txtfullname and txtphone parameters in the edit_profile.php component.