A vulnerability, which was classified as critical, was found in itsourcecode Employee Management System up to 1.0. This affects an unknown part of the file /admin/changepassword.php. The manipulation of the argument currentpassword leads to sql injection.
This vulnerability is uniquely identified as CVE-2025-7127. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
A vulnerability, which was classified as critical, has been found in itsourcecode Employee Management System up to 1.0. Affected by this issue is some unknown functionality of the file /admin/adminprofile.php. The manipulation of the argument AdminName leads to sql injection.
This vulnerability is handled as CVE-2025-7126. The attack may be launched remotely. Furthermore, there is an exploit available.
A vulnerability classified as critical was found in itsourcecode Employee Management System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/editempeducation.php. The manipulation of the argument coursepg leads to sql injection.
This vulnerability is known as CVE-2025-7125. The attack can be launched remotely. Furthermore, there is an exploit available.
A vulnerability classified as critical has been found in code-projects Online Note Sharing 1.0. Affected is an unknown function of the file /dashboard/userprofile.php of the component Profile Image Handler. The manipulation of the argument image leads to unrestricted upload.
This vulnerability is traded as CVE-2025-7124. It is possible to launch the attack remotely. Furthermore, there is an exploit available.