PT-2026-43036 · Code Projects · Employee Management System
Ssl_Seven_Security_Lab_Wangzhiqiang_Zhanxiuchen
·
Published
2026-05-25
·
Updated
2026-05-25
·
CVE-2026-9449
CVSS v3.1
6.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
A vulnerability was identified in code-projects Employee Management System 1.0. This impacts an unknown function of the file /changepassemp.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.
Exploit
Special Elements Injection
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Employee Management System