Vulnerabilities > Employee Performance Evaluation System Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-14 | CVE-2023-29625 | Unrestricted Upload of File with Dangerous Type vulnerability in Employee Performance Evaluation System Project Employee Performance Evaluation System 1.0 Employee Performance Evaluation System v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server. | 8.8 |
| 2022-12-19 | CVE-2022-40435 | Cross-site Scripting vulnerability in Employee Performance Evaluation System Project Employee Performance Evaluation System 1.0 Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting (XSS) vulnerability via adding new entries under the Departments and Designations module. | 4.8 |
| 2021-01-20 | CVE-2020-35272 | Cross-site Scripting vulnerability in Employee Performance Evaluation System Project Employee Performance Evaluation System 1.0 Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting (XSS) in the Admin Portal in the Task and Description fields. | 4.8 |
| 2021-01-20 | CVE-2020-35271 | Cross-site Scripting vulnerability in Employee Performance Evaluation System Project Employee Performance Evaluation System 1.0 Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting (XSS) in the Employees, First Name and Last Name fields. | 4.8 |