Description
A vulnerability has been found in SourceCodester Human Resource Information System 1.0. Affected by this issue is some unknown functionality of the file /Superadmin_Dashboard/process/editemployee_process.php. Such manipulation of the argument employee_file201 leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Es wurde eine Schwachstelle in SourceCodester Human Resource Information System 1.0 entdeckt. Betroffen hiervon ist ein unbekannter Ablauf der Datei /Superadmin_Dashboard/process/editemployee_process.php. Durch die Manipulation des Arguments employee_file201 mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Der Angriff kann remote ausgeführt werden. Der Exploit steht zur öffentlichen Verfügung.
Problem types
Product status
Timeline
| 2025-08-25: | Advisory disclosed |
| 2025-08-25: | VulDB entry created |
| 2025-08-25: | VulDB entry last update |
Credits
M00n_L33 (VulDB User)
References
vuldb.com/?id.321345 (VDB-321345 | SourceCodester Human Resource Information System editemployee_process.php unrestricted upload)
vuldb.com/?ctiid.321345 (VDB-321345 | CTI Indicators (IOB, IOC, TTP, IOA))
vuldb.com/?submit.634757 (Submit #634757 | SourceCodester Human Resource Information System V0.1 Unrestricted Upload)
github.com/lrjbsyh/CVE_Hunter/issues/5
github.com/lrjbsyh/CVE_Hunter/issues/5
www.sourcecodester.com/
