Sourcecodester Human Resource Information System vulnerabilities

5 known vulnerabilities affecting sourcecodester/human_resource_information_system.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM4

Vulnerabilities

Page 1 of 1
CVE-2025-9476MEDIUMCVSS 6.9v1.02025-08-26
CVE-2025-9476 [MEDIUM] CWE-284 CVE-2025-9476: A vulnerability has been found in SourceCodester Human Resource Information System 1.0. Affected by A vulnerability has been found in SourceCodester Human Resource Information System 1.0. Affected by this issue is some unknown functionality of the file /Superadmin_Dashboard/process/editemployee_process.php. Such manipulation of the argument employee_file201 leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclo
cvelistv5nvd
CVE-2025-9475MEDIUMCVSS 6.9v1.02025-08-26
CVE-2025-9475 [MEDIUM] CWE-284 CVE-2025-9475: A flaw has been found in SourceCodester Human Resource Information System 1.0. Affected by this vuln A flaw has been found in SourceCodester Human Resource Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /Admin_Dashboard/process/editemployee_process.php. This manipulation of the argument employee_file201 causes unrestricted upload. The attack may be initiated remotely. The exploit has been published and
cvelistv5nvd
CVE-2024-3413CRITICALCVSS 9.8v1.02024-04-06
CVE-2024-3413 [HIGH] CWE-89 CVE-2024-3413: A vulnerability has been found in SourceCodester Human Resource Information System 1.0 and classifie A vulnerability has been found in SourceCodester Human Resource Information System 1.0 and classified as critical. This vulnerability affects unknown code of the file initialize/login_process.php. The manipulation of the argument hr_email/hr_password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the publi
cvelistv5nvd
CVE-2024-3415MEDIUMCVSS 4.8v1.02024-04-06
CVE-2024-3415 [LOW] CWE-79 CVE-2024-3415: A vulnerability was found in SourceCodester Human Resource Information System 1.0. It has been class A vulnerability was found in SourceCodester Human Resource Information System 1.0. It has been classified as problematic. Affected is an unknown function of the file Superadmin_Dashboard/process/addbranches_process.php. The manipulation of the argument branches_name leads to cross site scripting. It is possible to launch the attack remotely. The exploit h
cvelistv5nvd
CVE-2024-3414MEDIUMCVSS 4.8v1.02024-04-06
CVE-2024-3414 [LOW] CWE-79 CVE-2024-3414: A vulnerability was found in SourceCodester Human Resource Information System 1.0 and classified as A vulnerability was found in SourceCodester Human Resource Information System 1.0 and classified as problematic. This issue affects some unknown processing of the file Superadmin_Dashboard/process/addcorporate_process.php. The manipulation of the argument corporate_name leads to cross site scripting. The attack may be initiated remotely. The exploit has be
cvelistv5nvd