code-projects Employee Management System myprofileup.php cross site scripting_CVE-2026-9417

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was detected in code-projects Employee Management System 1.0. Affected is an unknown function of the file /myprofileup.php. Performing a manipulation of the argument ID results in cross site scripting. The attack is possible to be carried out remotely. The exploit is now public and may be used.

Basic Information

ID CVE-2026-9417

Source VulDB

Published May 25, 2026 at 02:15

Affected Product

Vendor code-projects

Product Employee Management System

Version 1.0

Affected Versions code-projects Employee Management System 1.0

CWE Classification

CWE-79 CWE-94

References

{
    "lastseen": "",
    "description": "A vulnerability was detected in code-projects Employee Management System 1.0. Affected is an unknown function of the file /myprofileup.php. Performing a manipulation of the argument ID results in cross site scripting. The attack is possible to be carried out remotely. The exploit is now public and may be used.",
    "published": "2026-05-25T02:15:10.880Z",
    "modified": "2026-05-25T02:15:10.880Z",
    "type": "cve",
    "title": "code-projects Employee Management System myprofileup.php cross site scripting",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/365398\nhttps://vuldb.com/vuln/365398/cti\nhttps://vuldb.com/submit/813699\nhttps://github.com/zzzxc643/CVE1/blob/main/EMPLOYEE_MANAGEMENT_SYSTEM/vul14.md\nhttps://code-projects.org/",
    "id": "CVE-2026-9417",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "code-projects Employee Management System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Employee Management System",
    "version": "1.0",
    "vendor": "code-projects",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}