CVE-2026-10624— SourceCodester Human Resource Management Employee View detailview.php resource injection
Possible ATT&CK Techniques 2AI
T1059 · Command and Scripting Interpreter T1190 · Exploit Public-Facing ApplicationGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-10624
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SourceCodester Human Resource Management Employee View detailview.php resource injection
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been found in SourceCodester Human Resource Management 1.0. Affected by this vulnerability is an unknown functionality of the file /detailview.php of the component Employee View Page. Such manipulation of the argument employeeid leads to improper control of resource identifiers. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
对资源描述符的控制不恰当(资源注入)
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| SourceCodester | Human Resource Management | 1.0 | cpe:2.3:a:sourcecodester:human_resource_management:*:*:*:*:*:*:*:* |
II. Public POCs for CVE-2026-10624
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-10624
请登录查看更多情报信息。
Security Blog Posts for CVE-2026-10624 (1)
Other References for CVE-2026-10624 (1)
Same Patch Batch · SourceCodester · 2026-06-02 · 3 CVEs total
| CVE-2026-10559 | 6.3 MEDIUM | SourceCodester Pizzafy Ecommerce System index.php file inclusion |
| CVE-2026-10558 | 6.3 MEDIUM | SourceCodester Pizzafy Ecommerce System index.php file inclusion |
IV. Related Vulnerabilities
Same vendor: SourceCodester
- CVE-2026-10559
SourceCodester Pizzafy Ecommerce System index.php file inclu - CVE-2026-10558
SourceCodester Pizzafy Ecommerce System index.php file inclu - CVE-2026-10295
SourceCodester Customer Review App review_app.py get_all_rev - CVE-2026-10287
SourceCodester SEO Meta Tag Extractor index.php get_headers - CVE-2026-10263
SourceCodester Computer Repair Shop Management System manage
Same weakness: CWE-99
- CVE-2026-10299
code-projects Online Hospital Management System viewdoctorti - CVE-2026-10168
OUSL-GROUP-BrinaryBrains School Student Management System Pa - CVE-2026-9438
yashpokharna2555 StudentManagementSystem courseDel.php resou - CVE-2026-33603
Open-Xchange OX Dovecot Pro 安全漏洞 - CVE-2026-7303
Xuxueli xxl-job Execution Log JobLogController.java logDetai
V. Comments for CVE-2026-10624
No comments yet