CVE-2026-7095

Description

A vulnerability was identified in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. The manipulation of the argument ID leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.

References

• https://code-projects.org/
• https://github.com/zzzxc643/CVE1/blob/main/EMPLOYEE_MANAGEMENT_SYSTEM/vul2.md
• https://vuldb.com/submit/800726
• https://vuldb.com/submit/800834
• https://vuldb.com/vuln/359670