PT-2025-34743 · Sourcecodester · Sourcecodester Human Resource Information System
M00N_L33
·
Published
2025-08-26
·
Updated
2025-08-26
·
CVE-2025-9475
7.5
High
Base vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions:
SourceCodester Human Resource Information System version 1.0
Description:
A flaw exists in SourceCodester Human Resource Information System 1.0 within an unknown functionality of the `/Admin Dashboard/process/editemployee process.php` file. Manipulation of the `employee file201` argument results in unrestricted upload. The attack can be initiated remotely. The exploit has been published and may be used.
Recommendations:
Address the unrestricted upload issue in the `/Admin Dashboard/process/editemployee process.php` file.
Sanitize or validate the `employee file201` argument to prevent unrestricted file uploads.
Restrict access to the `/Admin Dashboard/process/editemployee process.php` file to authorized personnel only.
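One way to apply the validation recommendation, as an added example (not code from the affected application or its vendor). The function name `store_upload`, the allowlist, the size cap and the storage directory are assumptions; the caller passes in the name of the upload form field.

```php
<?php
// Added example: allowlist-based validation for a single uploaded file.
// ALLOWED_TYPES, MAX_BYTES and the storage directory are assumed values.
const ALLOWED_TYPES = [            // extension => expected MIME type
    'pdf' => 'application/pdf',
    'png' => 'image/png',
    'jpg' => 'image/jpeg',
];
const MAX_BYTES = 5 * 1024 * 1024;

/**
 * Validate $_FILES[$field] and move it into $storeDir, which should sit
 * outside the web root or be served with script execution disabled.
 * Returns the stored file name; throws RuntimeException on any rejection.
 */
function store_upload(string $field, string $storeDir): string
{
    $f = $_FILES[$field] ?? null;
    // Reject missing fields and array-style (multi-file) submissions.
    if (!is_array($f) || !isset($f['error']) || is_array($f['error'])) {
        throw new RuntimeException('malformed upload');
    }
    if ($f['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload error code ' . $f['error']);
    }
    if ($f['size'] <= 0 || $f['size'] > MAX_BYTES) {
        throw new RuntimeException('file size out of range');
    }
    // The client-supplied name is used only to read the extension, which
    // must be on the allowlist; the rest of the name is discarded.
    $ext = strtolower(pathinfo($f['name'], PATHINFO_EXTENSION));
    if (!array_key_exists($ext, ALLOWED_TYPES)) {
        throw new RuntimeException('extension not allowed');
    }
    // Sniff the type from the file's bytes; ignore the client's $f['type'].
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($f['tmp_name']);
    if ($mime !== ALLOWED_TYPES[$ext]) {
        throw new RuntimeException('content does not match extension');
    }
    // Server-generated name: no client-controlled path component.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    // move_uploaded_file() refuses anything that is not a real HTTP upload.
    if (!move_uploaded_file($f['tmp_name'], $storeDir . '/' . $name)) {
        throw new RuntimeException('could not store file');
    }
    return $name;
}
```

The handler should call this only after it has confirmed that the request comes from an authenticated, authorized session, in line with the access restriction recommended above.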
Exploit
Fix
Improper Access Control
Unrestricted File Upload