Skip to main content

Employee Records System

1 CVEs product

Monthly

CVE-2021-4462 CRITICAL POC THREAT Emergency

Employee Records System version 1.0 contains an unrestricted file upload vulnerability that allows a remote unauthenticated attacker to upload arbitrary files via the uploadID.php endpoint; uploaded. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 20.9%.

File Upload PHP Employee Records System
NVD Exploit-DB
CVSS 4.0
9.3
EPSS
20.9%
Threat
4.0
EPSS 21% 4.0 CVSS 9.3
CRITICAL POC THREAT Emergency

Employee Records System version 1.0 contains an unrestricted file upload vulnerability that allows a remote unauthenticated attacker to upload arbitrary files via the uploadID.php endpoint; uploaded. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 20.9%.

File Upload PHP Employee Records System
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy