cumakurt/CVE-SourceCodester-Best-Employee-Management-System-1.0

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-44185 ↗	May 15, 2025Thursday, 15 May 2025, 15:16	5.4 MEDIUM	—
SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Request Forgery (CSRF) in /admin/change_pass.php via the password parameter.
CVE-2025-44184 ↗	May 14, 2025Wednesday, 14 May 2025, 17:15	4.8 MEDIUM	—
SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the website_image, fname, lname, contact, username, and address parameters.
CVE-2025-44186 ↗	May 14, 2025Wednesday, 14 May 2025, 17:15	5.4 MEDIUM	—
SourceCodester Best Employee Management System 1.0 is vulnerable to Cross Site Request Forgery (CSRF) in /admin/Operation/User.php page.