Iwcnetwork CVE - OpenCVE

Filtered by vendor Iwcnetwork Subscribe

Total 8 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-17995	1 Iwcnetwork	1 Biometric Shift Employee Management System	2024-11-21	3.5 LOW	5.4 MEDIUM
Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request.
CVE-2017-17994	1 Iwcnetwork	1 Biometric Shift Employee Management System	2024-11-21	3.5 LOW	5.4 MEDIUM
Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request.
CVE-2017-17993	1 Iwcnetwork	1 Biometric Shift Employee Management System	2024-11-21	3.5 LOW	5.4 MEDIUM
Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request.
CVE-2017-17992	1 Iwcnetwork	1 Biometric Shift Employee Management System	2024-11-21	5.0 MEDIUM	9.8 CRITICAL
Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action.
CVE-2017-17991	1 Iwcnetwork	1 Biometric Shift Employee Management System	2024-11-21	3.5 LOW	5.4 MEDIUM
Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request.
CVE-2017-17990	1 Iwcnetwork	1 Biometric Shift Employee Management System	2024-11-21	6.8 MEDIUM	8.8 HIGH
Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action.
CVE-2017-17989	1 Iwcnetwork	1 Biometric Shift Employee Management System	2024-11-21	3.5 LOW	5.4 MEDIUM
Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action.
CVE-2017-17876	1 Iwcnetwork	1 Shift	2024-11-21	5.0 MEDIUM	7.5 HIGH
Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter.

Vulnerabilities (CVE)