SQL Injection vulnerability in Employee Management System v.1.0 allows a remote attacker to execute arbitrary SQL commands via the txtfullname and txtphone parameters in the edit_profile.php component.
CPE | Name | Operator | Version |
---|---|---|---|
employee_management_system | eq | 1.0 |