Iwcnetwork Biometric Shift Employee Management System — known CVE vulnerabilities
Every CVE whose affected-product data names Iwcnetwork Biometric Shift Employee Management System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2017-17992 — CVSS 9.8 (critical): Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name…
CVE-2017-17991 — CVSS 5.4 (medium): Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request.
CVE-2017-17989 — CVSS 5.4 (medium): Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action.
CVE-2017-17993 — CVSS 5.4 (medium): Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request.
CVE-2017-17994 — CVSS 5.4 (medium): Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request.
CVE-2017-17995 — CVSS 5.4 (medium): Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request.