Skip to main content

Employee Performance Evaluation System

2 CVEs product

Monthly

CVE-2023-29625 HIGH POC This Week

Employee Performance Evaluation System v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Employee Performance Evaluation System
NVD GitHub
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-40435 MEDIUM POC This Month

Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting (XSS) vulnerability via adding new entries under the Departments and Designations module. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Employee Performance Evaluation System
NVD VulDB
CVSS 3.1
4.8
EPSS
0.6%
EPSS 1% CVSS 8.8
HIGH POC This Week

Employee Performance Evaluation System v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Employee Performance Evaluation System
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting (XSS) vulnerability via adding new entries under the Departments and Designations module. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Employee Performance Evaluation System
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy