Codeastro Human Resource Management System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Codeastro Human Resource Management System.
By the Year
In 2026 there have been 4 vulnerabilities in Codeastro Human Resource Management System with an average score of 3.9 out of ten.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 4 | 3.93 |
It may take a day or so for new Human Resource Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Codeastro Human Resource Management System Security Vulnerabilities
CodeAstro HRMS 1.0: Payroll Invoice ID SQLi
CVE-2026-12131
6.3 - Medium
- June 12, 2026
A weakness has been identified in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function Invoice of the file \application\controllers\Payroll.php of the component Payroll Invoice Module. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks.
SQL Injection
CodeAstro HRM 1.0 N: XSS via protitle on /Projects/Add_Projects
CVE-2026-12130
3.5 - Low
- June 12, 2026
A security flaw has been discovered in CodeAstro Human Resource Management System 1.0. This affects an unknown part of the file /Projects/Add_Projects of the component Projects Management Page. The manipulation of the argument protitle results in cross site scripting. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.
XSS
XSS in Dashboard Interface of CodeAstro HRMS 1.0 (before 1.1)
CVE-2026-12129
3.5 - Low
- June 12, 2026
A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Affected by this issue is some unknown functionality of the file /dashboard/add_tod of the component Dashboard Interface. The manipulation of the argument todo_data leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly available and might be used.
XSS
CodeAstro HRMS 1.0 XSS Vulnerability in Notice Board Management
CVE-2026-11491
2.4 - Low
- June 08, 2026
A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Impacted is an unknown function of the file /notice/All_notice of the component Notice Board Management. Such manipulation of the argument Notice Title with the input <svg onload="alert('Stored XSS Triggered by Ashik Mohamed')"> as part of POST leads to cross site scripting. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Codeastro Human Resource Management System or by Codeastro? Click the Watch button to subscribe.
