Vulnerabilities > Iwcnetwork

DATE	CVE	VULNERABILITY TITLE	RISK
2017-12-30	CVE-2017-17995	Cross-site Scripting vulnerability in Iwcnetwork Biometric Shift Employee Management System 4.0 Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request. network low complexity iwcnetwork CWE-79	5.4
2017-12-30	CVE-2017-17994	Cross-site Scripting vulnerability in Iwcnetwork Biometric Shift Employee Management System 4.0 Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request. network low complexity iwcnetwork CWE-79	5.4
2017-12-30	CVE-2017-17993	Cross-site Scripting vulnerability in Iwcnetwork Biometric Shift Employee Management System 4.0 Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request. network low complexity iwcnetwork CWE-79	5.4
2017-12-30	CVE-2017-17992	Path Traversal vulnerability in Iwcnetwork Biometric Shift Employee Management System 4.0 Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action. network low complexity iwcnetwork CWE-22 critical	9.8
2017-12-30	CVE-2017-17991	Cross-site Scripting vulnerability in Iwcnetwork Biometric Shift Employee Management System 4.0 Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request. network low complexity iwcnetwork CWE-79	5.4
2017-12-30	CVE-2017-17990	Cross-Site Request Forgery (CSRF) vulnerability in Iwcnetwork Biometric Shift Employee Management System 4.0 Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action. network low complexity iwcnetwork CWE-352	8.8
2017-12-30	CVE-2017-17989	Cross-site Scripting vulnerability in Iwcnetwork Biometric Shift Employee Management System 4.0 Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action. network low complexity iwcnetwork CWE-79	5.4
2017-12-27	CVE-2017-17876	Permission Issues vulnerability in Iwcnetwork Shift 3.0 Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter. network low complexity iwcnetwork CWE-275	7.5

Vulnerabilities > Iwcnetwork {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Iwcnetwork"}]}

Vulnerabilities > Iwcnetwork