CVE-2026-9417

A vulnerability was detected in code-projects Employee Management System 1.0. Affected is an unknown function of the file /myprofileup.php. Performing a manipulation of the argument ID results in cross site scripting. The attack is possible to be carried out remotely. The exploit is now public and m...

medium 4.3 CVSS 3.1

Published: May 25, 2026

Modified: May 26, 2026

Description

A vulnerability was detected in code-projects Employee Management System 1.0. Affected is an unknown function of the file /myprofileup.php. Performing a manipulation of the argument ID results in cross site scripting. The attack is possible to be carried out remotely. The exploit is now public and may be used.

References

https://code-projects.org/
https://github.com/zzzxc643/CVE1/blob/main/EMPLOYEE_MANAGEMENT_SYSTEM/vul14.md
https://vuldb.com/submit/813699
https://vuldb.com/vuln/365398
https://vuldb.com/vuln/365398/cti

Version	3.1
Score	4.3 / 10
Severity	medium