pr0z

2 exploits Active since Mar 2022
CVE-2021-44088 EXPLOITDB CRITICAL python WORKING POC
Sourcecodester Attendance and Payroll System 1.0 - SQL Injection via Login Parameters
An SQL Injection vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows a remote attacker to bypass authentication via unsanitized login parameters.
CVSS 9.8
CVE-2021-44087 EXPLOITDB CRITICAL python WORKING POC
Sourcecodester Attendance and Payroll System 1.0 - Unauthenticated Remote Code Execution via Photo Upload
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows an unauthenticated remote attacker to upload a maliciously crafted PHP via photo upload.
CVSS 9.8