ГлавнаяУязвимости → CVE-2025-9476
7.3высокая

CVE-2025-9476

Описание

A vulnerability has been found in SourceCodester Human Resource Information System 1.0. Affected by this issue is some unknown functionality of the file /Superadmin_Dashboard/process/editemployee_process.php. Such manipulation of the argument employee_file201 leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Затрагиваемое ПО
Nelzkie15 Human resource information system
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://github.com/lrjbsyh/CVE_Hunter/issues/5https://github.com/lrjbsyh/CVE_Hunter/issues/5#issue-3322736605https://vuldb.com/?ctiid.321345https://vuldb.com/?id.321345https://vuldb.com/?submit.634757https://www.sourcecodester.com/