CVE-2026-11508

A vulnerability was determined in CodeAstro Leave Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/searchstafftoassignpc.php. This manipulation of the argument Name causes sql injection. The attack is possible to be carried out remotely. The...

CVE-2026-11507 CodeAstro Leave Management System delete_leave_type.php sql injection

A vulnerability was found in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /admin/deleteleavetype.php. The manipulation of the argument leavetype results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2026-11507

CodeAstro Leave Management System 1.0 is affected by a SQL injection in /admin/delete_leave_type.php via manipulation of the leave_type parameter. The vulnerability is remote, with a public exploit, enabling an attacker to influence the database from network view. The exact vulnerable function is...

CVE-2026-11507

A vulnerability was found in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /admin/deleteleavetype.php. The manipulation of the argument leavetype results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2026-11506

A vulnerability has been found in CodeAstro Leave Management System 1.0. This impacts an unknown function of the file /admin/searchstafffordeletion.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to t...

PT-2026-47272

A vulnerability was identified in CodeAstro Leave Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/search staff for updation.php. Such manipulation of the argument Name leads to sql injection. The attack may be performed from remote...

PT-2026-47273

A security flaw has been discovered in CodeAstro Leave Management System 1.0. This affects an unknown part of the file /admin/add leave.php. Performing a manipulation of the argument type of leave results in sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2026-8132

A weakness has been identified in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /login.php. This manipulation of the argument txtusername causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be...

CVE-2026-8132 CodeAstro Leave Management System login.php sql injection

A weakness has been identified in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /login.php. This manipulation of the argument txtusername causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be...

CVE-2026-8132

CVE-2026-8132 affects CodeAstro Leave Management System 1.0. The vulnerability resides in an unknown function of login.php, where manipulation of the txt_username argument enables SQL injection. The issue can be triggered remotely and the exploit has been made public, indicating realism and poten...

PT-2026-1294

Name of the Vulnerable Software and Affected Versions Employee Leave Management System version 2.1 Description A Cross Site Request Forgery issue exists in Employee Leave Management System version 2.1. A remote attacker can potentially escalate privileges through the manage-employee.php component...

CVE-2025-11432

A vulnerability was identified in itsourcecode Leave Management System 1.0. This affects an unknown function of the file /reset.php. Such manipulation of the argument employid leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used...

CVE-2023-44481

Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setearnleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database...

CVE-2023-44480

Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setcasualleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database...

Projectworlds Leave Management System Project SQL Injection Vulnerability

Projectworlds Leave Management System Project is a leave management system project by Projectworlds India. Projectworlds Leave Management System Project v1.0 suffers from an SQL injection vulnerability that originates in the parameter setcasualleave in the file admin/setleaves.php...

Online Leave Management System SQL注入漏洞

Online Leave Management System is an online leave management system. SQL injection vulnerability exists in Online Leave Management System v1.0, which originates in /leavesystem/classes/Master.php?f=delete designation lacks validation of external input SQL statements. An attacker could use this...

Online Employee Leave Management System 跨站请求伪造漏洞

Online Employee Leave Management System is an employee leave management system that provides an employee and management platform to efficiently manage leave departures and approvals. The vulnerability can be exploited by attackers to disguise user identity and send malicious requests...