Human Resource Management System Project in PHP and MySQL Free Source Code

Submitter: Kha Do

Vulnerability

Insecure Permission

Description

Insecure permission vulnerability in /hrm/leaverequest.php in SourceCodester Human Resource Management System 1.0 allow attackers to approve or reject leave ticket.

Affected component

Path URL: /hrm/leaverequest.php

Parameter: ?msg=, ?id=

Impact

The normal user can self-approve or reject leave ticket, which is not permitted.

id: accept ticket.

msg: reject ticket.

PoC

Insecure_permission_leave.mp4

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Human Resource Management System Project in PHP and MySQL Free Source Code

Submitter: Kha Do

Vulnerability

Description

Affected component

Impact

PoC

About

Releases

Packages

dovankha/CVE-2024-34223

Folders and files

Latest commit

History

Repository files navigation

Human Resource Management System Project in PHP and MySQL Free Source Code

Submitter: Kha Do

Vulnerability

Description

Affected component

Impact

PoC

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages