5.1
CVE-2025-1593 - SourceCodester Best Employee Management System Profile Picture unrestricted upload
A vulnerability classified as critical has been found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /_hr_soft/assets/uploadImage/Profile/ of the component Profile Picture Handler. The manipulation leads to unrestricted upload. It is possible to initβ¦
4.8
CVE-2025-1592 - SourceCodester Best Employee Management System Add Role Page Role.php cross site scripting
A vulnerability was found in SourceCodester Best Employee Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/Operations/Role.php of the component Add Role Page. The manipulation of the argument assign_name/description leaβ¦
4.8
CVE-2025-1591 - SourceCodester Employee Management System Department Page department.php cross site scripting
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /department.php of the component Department Page. The manipulation of the argument Department Name leads to cross sβ¦
5.1
CVE-2025-1590 - SourceCodester E-Learning System List of Lessons Page index.php unrestricted upload
A vulnerability was found in SourceCodester E-Learning System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/lesson/index.php of the component List of Lessons Page. The manipulation leads to unrestricted upload. It is possible to launch the attacβ¦
5.3
CVE-2025-1589 - SourceCodester E-Learning System User Registration register.php cross site scripting
A vulnerability was found in SourceCodester E-Learning System 1.0 and classified as problematic. This issue affects some unknown processing of the file /register.php of the component User Registration Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely.
0.0
CVE-2025-1628 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
6.9
CVE-2025-1588 - PHPGurukul Online Nurse Hiring System manage-nurse.php path traversal
A vulnerability has been found in PHPGurukul Online Nurse Hiring System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/manage-nurse.php. The manipulation of the argument profilepic leads to path traversal: '../filedir'. The attack can be initiated remotelβ¦
5.1
CVE-2025-1467 -
Versions of the package tarteaucitronjs before 1.17.0 are vulnerable to Cross-site Scripting (XSS) via the getElemWidth() and getElemHeight(). This is related to [SNYK-JS-TARTEAUCITRONJS-8366541](https://security.snyk.io/vuln/SNYK-JS-TARTEAUCITRONJS-8366541)
4.8
CVE-2025-1587 - SourceCodester Telecom Billing Management System Add New Record main.cpp addrecords buffer overflow
A vulnerability was found in SourceCodester Telecom Billing Management System 1.0. It has been rated as critical. This issue affects the function addrecords of the file main.cpp of the component Add New Record. The manipulation of the argument name/phonenumber leads to buffer overflow. Local accessβ¦
5.1
CVE-2025-1586 - code-projects Blood Bank System A-.php cross site scripting
A vulnerability was found in code-projects Blood Bank System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /Blood/A-.php. The manipulation of the argument Bloodname leads to cross site scripting. The attack can be initiated remotely. The exploit has bβ¦