Vulnerability-Lookup

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

Full-Text Search

Vendor

Product

Assigner

Sources

Sort by

Order

Apply ordering (override relevance)

CVE-2017-17995 (GCVE-0-2017-17995)

Vulnerability from nvd – Published: 2017-12-30 04:00 – Updated: 2024-08-05 21:06

Summary

Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

1 reference

URL	Tags
https://github.com/d4wner/Vulnerabilities-Report/…	x_refsource_MISC

Date Public

2017-12-29 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.899Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-30T04:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17995",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md",
              "refsource": "MISC",
              "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17995",
    "datePublished": "2017-12-30T04:00:00.000Z",
    "dateReserved": "2017-12-29T00:00:00.000Z",
    "dateUpdated": "2024-08-05T21:06:49.899Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-17994 (GCVE-0-2017-17994)

Vulnerability from nvd – Published: 2017-12-30 04:00 – Updated: 2024-08-05 21:06

Summary

Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

1 reference

URL	Tags
https://github.com/d4wner/Vulnerabilities-Report/…	x_refsource_MISC

Date Public

2017-12-29 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.984Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-30T04:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17994",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md",
              "refsource": "MISC",
              "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17994",
    "datePublished": "2017-12-30T04:00:00.000Z",
    "dateReserved": "2017-12-29T00:00:00.000Z",
    "dateUpdated": "2024-08-05T21:06:49.984Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-17993 (GCVE-0-2017-17993)

Vulnerability from nvd – Published: 2017-12-30 04:00 – Updated: 2024-08-05 21:06

Summary

Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

1 reference

URL	Tags
https://github.com/d4wner/Vulnerabilities-Report/…	x_refsource_MISC

Date Public

2017-12-29 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.972Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-30T04:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17993",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md",
              "refsource": "MISC",
              "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17993",
    "datePublished": "2017-12-30T04:00:00.000Z",
    "dateReserved": "2017-12-29T00:00:00.000Z",
    "dateUpdated": "2024-08-05T21:06:49.972Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-17992 (GCVE-0-2017-17992)

Vulnerability from nvd – Published: 2017-12-30 04:00 – Updated: 2024-08-05 21:06

Summary

Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

1 reference

URL	Tags
https://github.com/d4wner/Vulnerabilities-Report/…	x_refsource_MISC

Date Public

2017-12-29 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.949Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-30T04:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17992",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md",
              "refsource": "MISC",
              "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17992",
    "datePublished": "2017-12-30T04:00:00.000Z",
    "dateReserved": "2017-12-29T00:00:00.000Z",
    "dateUpdated": "2024-08-05T21:06:49.949Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-17991 (GCVE-0-2017-17991)

Vulnerability from nvd – Published: 2017-12-30 04:00 – Updated: 2024-08-05 21:06

Summary

Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

1 reference

URL	Tags
https://github.com/d4wner/Vulnerabilities-Report/…	x_refsource_MISC

Date Public

2017-12-29 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.947Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-30T04:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17991",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md",
              "refsource": "MISC",
              "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17991",
    "datePublished": "2017-12-30T04:00:00.000Z",
    "dateReserved": "2017-12-29T00:00:00.000Z",
    "dateUpdated": "2024-08-05T21:06:49.947Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-17990 (GCVE-0-2017-17990)

Vulnerability from nvd – Published: 2017-12-30 04:00 – Updated: 2024-08-05 21:06

Summary

Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

1 reference

URL	Tags
https://github.com/d4wner/Vulnerabilities-Report/…	x_refsource_MISC

Date Public

2017-12-29 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.881Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-30T04:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17990",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md",
              "refsource": "MISC",
              "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17990",
    "datePublished": "2017-12-30T04:00:00.000Z",
    "dateReserved": "2017-12-29T00:00:00.000Z",
    "dateUpdated": "2024-08-05T21:06:49.881Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-17989 (GCVE-0-2017-17989)

Vulnerability from nvd – Published: 2017-12-30 04:00 – Updated: 2024-08-05 21:06

Summary

Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

1 reference

URL	Tags
https://github.com/d4wner/Vulnerabilities-Report/…	x_refsource_MISC

Date Public

2017-12-29 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.914Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-30T04:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17989",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md",
              "refsource": "MISC",
              "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17989",
    "datePublished": "2017-12-30T04:00:00.000Z",
    "dateReserved": "2017-12-29T00:00:00.000Z",
    "dateUpdated": "2024-08-05T21:06:49.914Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-17876 (GCVE-0-2017-17876)

Vulnerability from nvd – Published: 2017-12-26 18:00 – Updated: 2024-08-05 21:06

Summary

Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

1 reference

URL	Tags
https://www.exploit-db.com/exploits/43394/	exploitx_refsource_EXPLOIT-DB

Date Public

2017-12-26 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.074Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "43394",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/43394/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-26T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-26T17:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "43394",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/43394/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17876",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "43394",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/43394/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17876",
    "datePublished": "2017-12-26T18:00:00.000Z",
    "dateReserved": "2017-12-23T00:00:00.000Z",
    "dateUpdated": "2024-08-05T21:06:49.074Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-17991 (GCVE-0-2017-17991)

Vulnerability from cvelistv5 – Published: 2017-12-30 04:00 – Updated: 2024-08-05 21:06

Summary

Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

1 reference

URL	Tags
https://github.com/d4wner/Vulnerabilities-Report/…	x_refsource_MISC

Date Public

2017-12-29 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.947Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-30T04:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17991",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md",
              "refsource": "MISC",
              "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17991",
    "datePublished": "2017-12-30T04:00:00.000Z",
    "dateReserved": "2017-12-29T00:00:00.000Z",
    "dateUpdated": "2024-08-05T21:06:49.947Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-17989 (GCVE-0-2017-17989)

Vulnerability from cvelistv5 – Published: 2017-12-30 04:00 – Updated: 2024-08-05 21:06

Summary

Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

1 reference

URL	Tags
https://github.com/d4wner/Vulnerabilities-Report/…	x_refsource_MISC

Date Public

2017-12-29 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.914Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-30T04:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17989",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md",
              "refsource": "MISC",
              "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17989",
    "datePublished": "2017-12-30T04:00:00.000Z",
    "dateReserved": "2017-12-29T00:00:00.000Z",
    "dateUpdated": "2024-08-05T21:06:49.914Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-17994 (GCVE-0-2017-17994)

Vulnerability from cvelistv5 – Published: 2017-12-30 04:00 – Updated: 2024-08-05 21:06

Summary

Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

1 reference

URL	Tags
https://github.com/d4wner/Vulnerabilities-Report/…	x_refsource_MISC

Date Public

2017-12-29 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.984Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-30T04:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17994",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md",
              "refsource": "MISC",
              "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17994",
    "datePublished": "2017-12-30T04:00:00.000Z",
    "dateReserved": "2017-12-29T00:00:00.000Z",
    "dateUpdated": "2024-08-05T21:06:49.984Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-17993 (GCVE-0-2017-17993)

Vulnerability from cvelistv5 – Published: 2017-12-30 04:00 – Updated: 2024-08-05 21:06

Summary

Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

1 reference

URL	Tags
https://github.com/d4wner/Vulnerabilities-Report/…	x_refsource_MISC

Date Public

2017-12-29 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.972Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-30T04:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17993",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md",
              "refsource": "MISC",
              "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17993",
    "datePublished": "2017-12-30T04:00:00.000Z",
    "dateReserved": "2017-12-29T00:00:00.000Z",
    "dateUpdated": "2024-08-05T21:06:49.972Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-17990 (GCVE-0-2017-17990)

Vulnerability from cvelistv5 – Published: 2017-12-30 04:00 – Updated: 2024-08-05 21:06

Summary

Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

1 reference

URL	Tags
https://github.com/d4wner/Vulnerabilities-Report/…	x_refsource_MISC

Date Public

2017-12-29 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.881Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-30T04:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17990",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md",
              "refsource": "MISC",
              "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17990",
    "datePublished": "2017-12-30T04:00:00.000Z",
    "dateReserved": "2017-12-29T00:00:00.000Z",
    "dateUpdated": "2024-08-05T21:06:49.881Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-17992 (GCVE-0-2017-17992)

Vulnerability from cvelistv5 – Published: 2017-12-30 04:00 – Updated: 2024-08-05 21:06

Summary

Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

1 reference

URL	Tags
https://github.com/d4wner/Vulnerabilities-Report/…	x_refsource_MISC

Date Public

2017-12-29 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.949Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-30T04:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17992",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md",
              "refsource": "MISC",
              "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17992",
    "datePublished": "2017-12-30T04:00:00.000Z",
    "dateReserved": "2017-12-29T00:00:00.000Z",
    "dateUpdated": "2024-08-05T21:06:49.949Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-17995 (GCVE-0-2017-17995)

Vulnerability from cvelistv5 – Published: 2017-12-30 04:00 – Updated: 2024-08-05 21:06

Summary

Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

1 reference

URL	Tags
https://github.com/d4wner/Vulnerabilities-Report/…	x_refsource_MISC

Date Public

2017-12-29 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.899Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-30T04:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17995",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md",
              "refsource": "MISC",
              "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17995",
    "datePublished": "2017-12-30T04:00:00.000Z",
    "dateReserved": "2017-12-29T00:00:00.000Z",
    "dateUpdated": "2024-08-05T21:06:49.899Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-17876 (GCVE-0-2017-17876)

Vulnerability from cvelistv5 – Published: 2017-12-26 18:00 – Updated: 2024-08-05 21:06

Summary

Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

1 reference

URL	Tags
https://www.exploit-db.com/exploits/43394/	exploitx_refsource_EXPLOIT-DB

Date Public

2017-12-26 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.074Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "43394",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/43394/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-26T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-26T17:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "43394",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/43394/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17876",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "43394",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/43394/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17876",
    "datePublished": "2017-12-26T18:00:00.000Z",
    "dateReserved": "2017-12-23T00:00:00.000Z",
    "dateUpdated": "2024-08-05T21:06:49.074Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Find a vulnerability

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

16 vulnerabilities by iwcnetwork

CVE-2017-17995 (GCVE-0-2017-17995)

CVE-2017-17994 (GCVE-0-2017-17994)

CVE-2017-17993 (GCVE-0-2017-17993)

CVE-2017-17992 (GCVE-0-2017-17992)

CVE-2017-17991 (GCVE-0-2017-17991)

CVE-2017-17990 (GCVE-0-2017-17990)

CVE-2017-17989 (GCVE-0-2017-17989)

CVE-2017-17876 (GCVE-0-2017-17876)

CVE-2017-17991 (GCVE-0-2017-17991)

CVE-2017-17989 (GCVE-0-2017-17989)

CVE-2017-17994 (GCVE-0-2017-17994)

CVE-2017-17993 (GCVE-0-2017-17993)

CVE-2017-17990 (GCVE-0-2017-17990)

CVE-2017-17992 (GCVE-0-2017-17992)

CVE-2017-17995 (GCVE-0-2017-17995)

CVE-2017-17876 (GCVE-0-2017-17876)

Find a vulnerability

Search criteria ⓘ Use this form to refine search results. Full-text search supports keyword queries with ranking and filtering. You can combine vendor, product, and sources to narrow results. Enable “Apply ordering” to sort by date instead of relevance.

16 vulnerabilities by iwcnetwork

CVE-2017-17995 (GCVE-0-2017-17995)

CVE-2017-17994 (GCVE-0-2017-17994)

CVE-2017-17993 (GCVE-0-2017-17993)

CVE-2017-17992 (GCVE-0-2017-17992)

CVE-2017-17991 (GCVE-0-2017-17991)

CVE-2017-17990 (GCVE-0-2017-17990)

CVE-2017-17989 (GCVE-0-2017-17989)

CVE-2017-17876 (GCVE-0-2017-17876)

CVE-2017-17991 (GCVE-0-2017-17991)

CVE-2017-17989 (GCVE-0-2017-17989)

CVE-2017-17994 (GCVE-0-2017-17994)

CVE-2017-17993 (GCVE-0-2017-17993)

CVE-2017-17990 (GCVE-0-2017-17990)

CVE-2017-17992 (GCVE-0-2017-17992)

CVE-2017-17995 (GCVE-0-2017-17995)

CVE-2017-17876 (GCVE-0-2017-17876)

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.