Remyandrade Employee Management System vulnerabilities

CVE-2025-26258 [MEDIUM] CWE-79 CVE-2025-26258: Sourcecodester Employee Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via 'Add Sourcecodester Employee Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via 'Add Designation.'

CVE-2025-57117 [MEDIUM] CWE-79 CVE-2025-57117: A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department.

CVE-2025-29719 [MEDIUM] CWE-79 CVE-2025-29719: SourceCodester (rems) Employee Management System 1.0 is vulnerable to Cross Site Scripting (XSS) in SourceCodester (rems) Employee Management System 1.0 is vulnerable to Cross Site Scripting (XSS) in add_employee.php via the First Name and Address text fields.

CVE-2025-1905 [MEDIUM] CWE-79 CVE-2025-1905: A vulnerability, which was classified as problematic, was found in SourceCodester Employee Managemen A vulnerability, which was classified as problematic, was found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file employee.php. The manipulation of the argument Full Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. O

CVE-2025-1160 [MEDIUM] CWE-1392 CVE-2025-1160: A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as cri A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument username/password leads to use of default credentials. The attack may be launched remotely. The exploit has been disclosed to the public