Vulnerabilities > Attendance AND Payroll System Project

DATE CVE VULNERABILITY TITLE RISK
2022-04-21 CVE-2022-28016 SQL Injection vulnerability in Attendance and Payroll System Project Attendance and Payroll System 1.0
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\deduction_edit.php.
8.8
2022-04-21 CVE-2022-28017 SQL Injection vulnerability in Attendance and Payroll System Project Attendance and Payroll System 1.0
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\overtime_edit.php.
8.8
2022-04-21 CVE-2022-28018 SQL Injection vulnerability in Attendance and Payroll System Project Attendance and Payroll System 1.0
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\schedule_edit.php.
8.8
2022-04-21 CVE-2022-28019 SQL Injection vulnerability in Attendance and Payroll System Project Attendance and Payroll System 1.0
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\employee_edit.php.
8.8
2022-04-21 CVE-2022-28020 SQL Injection vulnerability in Attendance and Payroll System Project Attendance and Payroll System 1.0
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\position_edit.php.
8.8
2022-03-17 CVE-2021-44087 Unspecified vulnerability in Attendance and Payroll System Project Attendance and Payroll System 1.0
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows an unauthenticated remote attacker to upload a maliciously crafted PHP via photo upload.
network
low complexity
attendance-and-payroll-system-project
critical
9.8
2022-03-17 CVE-2021-44088 SQL Injection vulnerability in Attendance and Payroll System Project Attendance and Payroll System 1.0
An SQL Injection vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows a remote attacker to bypass authentication via unsanitized login parameters.
network
low complexity
attendance-and-payroll-system-project CWE-89
critical
9.8