Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
biometric shift employee management system vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2017-17989
Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action.
Iwcnetwork Biometric Shift Employee Management System 4.0
3.5
CVSSv2
CVE-2017-17991
Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request.
Iwcnetwork Biometric Shift Employee Management System 4.0
5
CVSSv2
CVE-2017-17992
Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action.
Iwcnetwork Biometric Shift Employee Management System 4.0
3.5
CVSSv2
CVE-2017-17993
Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request.
Iwcnetwork Biometric Shift Employee Management System 4.0
3.5
CVSSv2
CVE-2017-17994
Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request.
Iwcnetwork Biometric Shift Employee Management System 4.0
3.5
CVSSv2
CVE-2017-17995
Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request.
Iwcnetwork Biometric Shift Employee Management System 4.0
6.8
CVSSv2
CVE-2017-17990
Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action.
Iwcnetwork Biometric Shift Employee Management System 4.0
5
CVSSv2
CVE-2017-17876
Biometric Shift Employee Management System 3.0 allows remote malicious users to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter.
Iwcnetwork Shift 3.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started