A vulnerability has been found in SourceCodester Best Employee Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation of the argument website_image leads to unrestricted upload.
This vulnerability was named CVE-2024-11214. The attack can be initiated remotely. Furthermore, there is an exploit available.
The initial researcher disclosure contains confusing vulnerability classes.
A vulnerability, which was classified as critical, was found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /admin/edit_role.php. The manipulation of the argument id leads to sql injection.
This vulnerability is uniquely identified as CVE-2024-11213. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
A vulnerability, which was classified as critical, has been found in SourceCodester Best Employee Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/fetch_product_details.php. The manipulation of the argument barcode leads to sql injection.
This vulnerability is handled as CVE-2024-11212. The attack may be launched remotely. Furthermore, there is an exploit available.