Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iwcnetwork vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-17876
Biometric Shift Employee Management System 3.0 allows remote malicious users to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter.
Iwcnetwork Shift 3.0
1 EDB exploit
5.4
CVSSv3
CVE-2017-17989
Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action.
Iwcnetwork Biometric Shift Employee Management System 4.0
8.8
CVSSv3
CVE-2017-17990
Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action.
Iwcnetwork Biometric Shift Employee Management System 4.0
5.4
CVSSv3
CVE-2017-17991
Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request.
Iwcnetwork Biometric Shift Employee Management System 4.0
9.8
CVSSv3
CVE-2017-17992
Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action.
Iwcnetwork Biometric Shift Employee Management System 4.0
5.4
CVSSv3
CVE-2017-17993
Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request.
Iwcnetwork Biometric Shift Employee Management System 4.0
5.4
CVSSv3
CVE-2017-17994
Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request.
Iwcnetwork Biometric Shift Employee Management System 4.0
5.4
CVSSv3
CVE-2017-17995
Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request.
Iwcnetwork Biometric Shift Employee Management System 4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3012
CVE-2024-30200
XXE
CVE-2023-24955
CVE-2023-42931
CVE-2024-29231
remote code execution
cross-site scripting
CVE-2024-0677
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started