CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2577 – SourceCodester Employee Task Management System update-employee.php authorization
https://notcve.org/view.php?id=CVE-2024-2577
18 Mar 2024 — A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /update-employee.php. The manipulation of the argument admin_id leads to authorization bypass. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/IDOR%20-%20update-employee.php.md • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2576 – SourceCodester Employee Task Management System update-admin.php authorization
https://notcve.org/view.php?id=CVE-2024-2576
18 Mar 2024 — A vulnerability, which was classified as critical, was found in SourceCodester Employee Task Management System 1.0. This affects an unknown part of the file /update-admin.php. The manipulation of the argument admin_id leads to authorization bypass. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/IDOR%20-%20update-admin.php.md • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2575 – SourceCodester Employee Task Management System task-details.php authorization
https://notcve.org/view.php?id=CVE-2024-2575
18 Mar 2024 — A vulnerability, which was classified as critical, has been found in SourceCodester Employee Task Management System 1.0. Affected by this issue is some unknown functionality of the file /task-details.php. The manipulation of the argument task_id leads to authorization bypass. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/IDOR%20-%20task-details.php.md • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2574 – SourceCodester Employee Task Management System edit-task.php authorization
https://notcve.org/view.php?id=CVE-2024-2574
18 Mar 2024 — A vulnerability classified as critical was found in SourceCodester Employee Task Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit-task.php. The manipulation of the argument task_id leads to authorization bypass. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/IDOR%20-%20edit-task.php.md • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2024-2573 – SourceCodester Employee Task Management System task-info.php redirect
https://notcve.org/view.php?id=CVE-2024-2573
18 Mar 2024 — A vulnerability classified as critical has been found in SourceCodester Employee Task Management System 1.0. Affected is an unknown function of the file /task-info.php. The manipulation leads to execution after redirect. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/codeb0ss/CVE-2024-25735-PoC • CWE-698: Execution After Redirect (EAR) •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2024-2572 – SourceCodester Employee Task Management System task-details.php redirect
https://notcve.org/view.php?id=CVE-2024-2572
18 Mar 2024 — A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /task-details.php. The manipulation leads to execution after redirect. The attack may be initiated remotely. • https://github.com/david-botelho-mariano/exploit-CVE-2024-25723 • CWE-698: Execution After Redirect (EAR) •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2571 – SourceCodester Employee Task Management System manage-admin.php redirect
https://notcve.org/view.php?id=CVE-2024-2571
18 Mar 2024 — A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /manage-admin.php. The manipulation leads to execution after redirect. The attack can be initiated remotely. • https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/Execution%20After%20Redirect%20-%20manage-admin.php.md • CWE-698: Execution After Redirect (EAR) •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2570 – SourceCodester Employee Task Management System edit-task.php redirect
https://notcve.org/view.php?id=CVE-2024-2570
18 Mar 2024 — A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /edit-task.php. The manipulation leads to execution after redirect. It is possible to initiate the attack remotely. • https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/Execution%20After%20Redirect%20-%20edit-task.php.md • CWE-698: Execution After Redirect (EAR) •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2569 – SourceCodester Employee Task Management System admin-manage-user.php redirect
https://notcve.org/view.php?id=CVE-2024-2569
17 Mar 2024 — A vulnerability was found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin-manage-user.php. The manipulation leads to execution after redirect. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/Execution%20After%20Redirect%20-%20admin-manage-user.php.md • CWE-698: Execution After Redirect (EAR) •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2556 – SourceCodester Employee Task Management System attendance-info.php sql injection
https://notcve.org/view.php?id=CVE-2024-2556
17 Mar 2024 — A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file attendance-info.php. The manipulation of the argument user_id leads to sql injection. It is possible to initiate the attack remotely. • https://github.com/tht1997/WhiteBox/blob/main/sourcecodesters/employee-management-system-php-attendance-info.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •