RSS   Vulnerabilities for
'Biometric shift employee management system'
   RSS

2017-12-29
 
CVE-2017-17995

CWE-79
 

 
Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request.

 
 
CVE-2017-17994

CWE-79
 

 
Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request.

 
 
CVE-2017-17993

CWE-79
 

 
Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request.

 
 
CVE-2017-17992

CWE-22
 

 
Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action.

 
 
CVE-2017-17991

CWE-79
 

 
Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request.

 
 
CVE-2017-17990

CWE-352
 

 
Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action.

 
 
CVE-2017-17989

CWE-79
 

 
Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action.

 

 >>> Vendor: Iwcnetwork 2 Products
Biometric shift employee management system
Shift


Copyright 2018, cxsecurity.com

 

Back to Top