Cooorgi

**Name of the Vulnerable Software and Affected Versions** code-projects Human Resource Integrated System version 1.0 **Description** A security flaw exists in code-projects Human Resource Integrated System version 1.0. The issue impacts an unknown function within the `/login timeee.php` file. Manipulation of the `emp id` argument can lead to SQL injection. The attack can be initiated remotely, and the exploit has been publicly released. **Recommendations** As a temporary workaround, consider restricting access to the `/login timeee.php` file until a fix is available. Sanitize the `emp id` argument to prevent SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** code-projects Human Resource Integrated System version 1.0 **Description** A SQL injection issue exists in the /log query.php file. Manipulation of the `ID` argument can lead to SQL injection. The exploit has been made public and could be used to perform remote attacks. **Recommendations** As a temporary workaround, consider restricting access to the /log query.php file until a fix is available. Sanitize the `ID` argument to prevent SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** code-projects Human Resource Integrated System version 1.0 **Description** A vulnerability exists in code-projects Human Resource Integrated System 1.0, affecting unknown code within the `/login query12.php` file. The manipulation of the `ID` argument causes a SQL injection. This issue can be initiated remotely, and the exploit has been publicly disclosed. **Recommendations** Address the SQL injection issue in the `/login query12.php` file by sanitizing the `ID` argument.

**Name of the Vulnerable Software and Affected Versions** code-projects Human Resource Integrated System version 1.0 **Description** A SQL injection issue exists due to unknown processing of the file `/login.php`. Manipulation of the `user/pass` argument can lead to SQL injection, allowing for remote exploitation. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Human Resource Integrated System version 1.0 **Description** A security flaw exists in code-projects Human Resource Integrated System version 1.0. The issue involves a SQL injection affecting an unknown function within the `login attendance2.php` file. Manipulation of the `employee id`/`date` argument allows for remote exploitation. The exploit has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.