Oretnom23 Human_resource_management_system
29 CVEs affecting Oretnom23 Human_resource_management_system. Latest disclosed: 2025-07-29. Critical: 3, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-40682 | Critical | 9.8 | 2025-07-29 | SQL injection vulnerability in Human Resource Management System version 1.0, which allows an attacker to retrieve, create, update and delete databases via the… |
CVE-2024-35469 | Critical | 9.8 | 2024-05-30 | A SQL injection vulnerability in /hrm/user/ in SourceCodester Human Resource Management System 1.0 allows attackers to execute arbitrary SQL commands via the p… |
CVE-2022-43262 | Critical | 9.8 | 2022-11-16 | Human Resource Management System v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /hrm/controller/login.php. |
CVE-2024-34221 | High | 8.8 | 2024-05-14 | Sourcecodester Human Resource Management System 1.0 is vulnerable to Insecure Permissions resulting in privilege escalation. |
CVE-2022-43318 | High | 8.8 | 2022-11-07 | Human Resource Management System v1.0 was discovered to contain a SQL injection vulnerability via the stateedit parameter at /hrm/state.php. |
CVE-2024-34220 | High | 7.5 | 2024-05-14 | Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injection via the 'leave' parameter. |
CVE-2022-4273 | High | 7.3 | 2022-12-03 | A vulnerability, which was classified as critical, has been found in SourceCodester Human Resource Management System 1.0. This issue affects some unknown proce… |
CVE-2023-3391 | Medium | 6.3 | 2023-06-23 | A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of… |
CVE-2022-3496 | Medium | 6.3 | 2022-10-14 | A vulnerability was found in SourceCodester Human Resource Management System 1.0 and classified as critical. This issue affects some unknown processing of the… |
CVE-2022-3492 | Medium | 6.3 | 2022-10-13 | A vulnerability classified as critical was found in SourceCodester Human Resource Management System 1.0. This vulnerability affects unknown code of the compone… |
CVE-2022-3473 | Medium | 6.3 | 2022-10-13 | A vulnerability classified as critical has been found in SourceCodester Human Resource Management System. This affects an unknown part of the file getstatecity… |
CVE-2022-3472 | Medium | 6.3 | 2022-10-13 | A vulnerability was found in SourceCodester Human Resource Management System. It has been rated as critical. Affected by this issue is some unknown functionali… |
CVE-2022-3471 | Medium | 6.3 | 2022-10-13 | A vulnerability was found in SourceCodester Human Resource Management System. It has been declared as critical. Affected by this vulnerability is an unknown fu… |
CVE-2022-3470 | Medium | 6.3 | 2022-10-13 | A vulnerability was found in SourceCodester Human Resource Management System. It has been classified as critical. Affected is an unknown function of the file g… |
CVE-2022-3458 | Medium | 6.3 | 2022-10-12 | A vulnerability has been found in SourceCodester Human Resource Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown… |
CVE-2025-40686 | Medium | 6.1 | 2025-07-29 | Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in… |
CVE-2025-40685 | Medium | 6.1 | 2025-07-29 | Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in… |
CVE-2025-40684 | Medium | 6.1 | 2025-07-29 | Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in… |
CVE-2025-40683 | Medium | 6.1 | 2025-07-29 | Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in… |
CVE-2022-45218 | Medium | 6.1 | 2022-11-25 | Human Resource Management System v1.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability. This vulnerability is triggered via a crafted pay… |