Vulnerabilities > Phpgurukul > Employee Record Management System > 1.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-28 | CVE-2021-37781 | Cross-site Scripting vulnerability in PHPgurukul Employee Record Management System 1.2 Employee Record Management System v 1.2 is vulnerable to Cross Site Scripting (XSS) via editempprofile.php. | 5.4 |
2022-10-28 | CVE-2021-37782 | SQL Injection vulnerability in PHPgurukul Employee Record Management System 1.2 Employee Record Management System v 1.2 is vulnerable to SQL Injection via editempprofile.php. | 9.8 |
2021-12-13 | CVE-2021-44965 | Path Traversal vulnerability in PHPgurukul Employee Record Management System 1.2 Directory traversal vulnerability in /admin/includes/* directory for PHPGURUKUL Employee Record Management System 1.2 The attacker can retrieve and download sensitive information from the vulnerable server. | 7.5 |
2021-12-13 | CVE-2021-44966 | SQL Injection vulnerability in PHPgurukul Employee Record Management System 1.2 SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System 1.2 via index.php. | 9.8 |
2021-12-01 | CVE-2021-43451 | SQL Injection vulnerability in PHPgurukul Employee Record Management System 1.2 SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management System 1.2 via the Email POST parameter in /forgetpassword.php. | 9.8 |