Skip to main content

Biometric Shift Employee Management System

7 CVEs product

Monthly

CVE-2017-17995 MEDIUM POC This Month

Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Biometric Shift Employee Management System
NVD GitHub
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-17994 MEDIUM POC This Month

Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Biometric Shift Employee Management System
NVD GitHub
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-17993 MEDIUM POC This Month

Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Biometric Shift Employee Management System
NVD GitHub
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-17992 CRITICAL POC Act Now

Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Biometric Shift Employee Management System
NVD GitHub
CVSS 3.0
9.8
EPSS
0.8%
CVE-2017-17991 MEDIUM POC This Month

Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Biometric Shift Employee Management System
NVD GitHub
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-17990 HIGH POC This Week

Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Biometric Shift Employee Management System
NVD GitHub
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-17989 MEDIUM POC This Month

Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Biometric Shift Employee Management System
NVD GitHub
CVSS 3.0
5.4
EPSS
0.2%
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Biometric Shift Employee Management System
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Biometric Shift Employee Management System
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Biometric Shift Employee Management System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Biometric Shift Employee Management System
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Biometric Shift Employee Management System
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Biometric Shift Employee Management System
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Biometric Shift Employee Management System
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy