Mayuri K Best Employee Management System 1.0
Approved changes feed: RSS · Atom
cpe:2.3:a:mayurik:best_employee_management_system:1.0:*:*:*:*:*:*:*
part: a version: 1.0 update: *
| Vendor | Mayurik (727a23cf-b3c3-54bf-b09e-da411a18e16c) |
|---|---|
| Product | Best Employee Management System (5e3a8c3f-3463-55b9-90ec-b12399f8be9c) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-44186 |
vulnerable | 2026-06-03 15:01:18.564527 |
Details available
SourceCodester Best Employee Management System 1.0 is vulnerable to Cross Site Request Forgery (CSRF) in /admin/Operation/User.php page.
Published: 2025-05-14T00:00:00.000Z
Updated: 2025-05-19T18:00:58.466Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-44185 |
vulnerable | 2026-06-03 15:01:18.564150 |
Details available
SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Request Forgery (CSRF) in /admin/change_pass.php via the password parameter.
Published: 2025-05-15T00:00:00.000Z
Updated: 2025-05-19T18:23:03.758Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-44184 |
vulnerable | 2026-06-03 15:01:18.563665 |
Details available
SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the website_image, fname, lname, contact, username, and address parameters.
Published: 2025-05-14T00:00:00.000Z
Updated: 2025-05-15T13:51:56.530Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-2046 |
vulnerable | 2026-06-03 15:00:15.713021 |
SourceCodester Best Employee Management System print1.php sql injection
MEDIUM (6.3)
A vulnerability was found in SourceCodester Best Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/print1.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-03-06T22:00:14.050Z
Updated: 2025-03-07T19:42:29.387Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-1607 |
vulnerable | 2026-06-03 14:59:05.868240 |
SourceCodester Best Employee Management System salary_slip.php authorization
MEDIUM (4.3)
A vulnerability, which was classified as problematic, has been found in SourceCodester Best Employee Management System 1.0. This issue affects some unknown processing of the file /admin/salary_slip.php. The manipulation of the argument id leads to authorization bypass. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-02-24T00:31:05.135Z
Updated: 2025-02-24T12:57:44.293Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-1606 |
vulnerable | 2026-06-03 14:59:05.867868 |
SourceCodester Best Employee Management System backups.php information disclosure
MEDIUM (4.3)
A vulnerability classified as problematic was found in SourceCodester Best Employee Management System 1.0. This vulnerability affects unknown code of the file /admin/backup/backups.php. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-02-24T00:00:16.256Z
Updated: 2025-02-24T12:57:16.992Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-1593 |
vulnerable | 2026-06-03 14:59:05.859839 |
SourceCodester Best Employee Management System Profile Picture unrestricted upload
MEDIUM (4.7)
A vulnerability classified as critical has been found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /_hr_soft/assets/uploadImage/Profile/ of the component Profile Picture Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely.
Published: 2025-02-23T20:00:08.964Z
Updated: 2025-02-24T12:04:10.971Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-1592 |
vulnerable | 2026-06-03 14:59:05.859156 |
SourceCodester Best Employee Management System Add Role Page Role.php cross site scripting
LOW (2.4)
A vulnerability was found in SourceCodester Best Employee Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/Operations/Role.php of the component Add Role Page. The manipulation of the argument assign_name/description leads to cross site scripting. The attack may be launched remotely.
Published: 2025-02-23T19:31:04.850Z
Updated: 2025-02-24T12:05:21.364Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0802 |
vulnerable | 2026-06-03 14:58:32.963702 |
SourceCodester Best Employee Management System Administrative Endpoint View_user.php access control
HIGH (7.3)
A vulnerability classified as critical was found in SourceCodester Best Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/View_user.php of the component Administrative Endpoint. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-01-29T02:00:14.351Z
Updated: 2025-02-12T19:51:15.628Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11214 |
vulnerable | 2026-06-03 14:54:13.677380 |
SourceCodester Best Employee Management System profile.php unrestricted upload
MEDIUM (4.7)
A vulnerability has been found in SourceCodester Best Employee Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation of the argument website_image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher disclosure contains confusing vulnerability classes.
Published: 2024-11-14T16:00:15.245Z
Updated: 2024-11-14T17:04:42.105Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11213 |
vulnerable | 2026-06-03 14:54:13.676861 |
SourceCodester Best Employee Management System edit_role.php sql injection
MEDIUM (4.7)
A vulnerability, which was classified as critical, was found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /admin/edit_role.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Published: 2024-11-14T16:00:12.617Z
Updated: 2024-11-14T17:05:41.050Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11212 |
vulnerable | 2026-06-03 14:54:13.676250 |
SourceCodester Best Employee Management System fetch_product_details.php sql injection
MEDIUM (6.3)
A vulnerability, which was classified as critical, has been found in SourceCodester Best Employee Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/fetch_product_details.php. The manipulation of the argument barcode leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Published: 2024-11-14T15:00:12.619Z
Updated: 2024-11-14T16:10:29.491Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.