Vulnerabilities (CVE)

Filtered by vendor Iwcnetwork Subscribe
Filtered by product Biometric Shift Employee Management System
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-17991 1 Iwcnetwork 1 Biometric Shift Employee Management System 2024-02-28 3.5 LOW 5.4 MEDIUM
Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request.
CVE-2017-17992 1 Iwcnetwork 1 Biometric Shift Employee Management System 2024-02-28 5.0 MEDIUM 9.8 CRITICAL
Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action.
CVE-2017-17989 1 Iwcnetwork 1 Biometric Shift Employee Management System 2024-02-28 3.5 LOW 5.4 MEDIUM
Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action.
CVE-2017-17993 1 Iwcnetwork 1 Biometric Shift Employee Management System 2024-02-28 3.5 LOW 5.4 MEDIUM
Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request.
CVE-2017-17990 1 Iwcnetwork 1 Biometric Shift Employee Management System 2024-02-28 6.8 MEDIUM 8.8 HIGH
Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action.
CVE-2017-17994 1 Iwcnetwork 1 Biometric Shift Employee Management System 2024-02-28 3.5 LOW 5.4 MEDIUM
Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request.
CVE-2017-17995 1 Iwcnetwork 1 Biometric Shift Employee Management System 2024-02-28 3.5 LOW 5.4 MEDIUM
Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request.