Search
Search Results (7 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-7118 | 1 Code-projects | 1 Employee Management System | 2026-04-28 | 6.3 Medium |
| A security vulnerability has been detected in code-projects Employee Management System 1.0. The affected element is an unknown function of the file 370project/cancel.php. The manipulation of the argument id/token leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-7114 | 1 Code-projects | 1 Employee Management System | 2026-04-28 | 6.3 Medium |
| A vulnerability was determined in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-7115 | 1 Code-projects | 1 Employee Management System | 2026-04-28 | 6.3 Medium |
| A vulnerability was identified in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file 370project/delete.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-7116 | 1 Code-projects | 1 Employee Management System | 2026-04-28 | 4.3 Medium |
| A security flaw has been discovered in code-projects Employee Management System 1.0. This issue affects some unknown processing of the file 370project/mark.php. Performing a manipulation results in cross site scripting. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-7117 | 1 Code-projects | 1 Employee Management System | 2026-04-28 | 6.3 Medium |
| A weakness has been identified in code-projects Employee Management System 1.0. Impacted is an unknown function of the file 370project/approve.php. Executing a manipulation of the argument id/token can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-7063 | 1 Code-projects | 1 Employee Management System | 2026-04-27 | 7.3 High |
| A vulnerability was detected in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file /370project/process/eprocess.php of the component Endpoint. Performing a manipulation of the argument pwd results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. | ||||
| CVE-2026-7095 | 1 Code-projects | 1 Employee Management System | 2026-04-27 | 4.3 Medium |
| A vulnerability was identified in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. The manipulation of the argument ID leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. | ||||
Page 1 of 1.