17 matches found
CVE-2026-9542
A weakness has been identified in CodeAstro Leave Management System 1.0. The affected element is an unknown function of the file /admin/addstaff.php. Executing a manipulation of the argument emailid can lead to sql injection. The attack can be launched remotely. The exploit has been made availabl...
CVE-2026-9542
A weakness has been identified in CodeAstro Leave Management System 1.0. The affected element is an unknown function of the file /admin/addstaff.php. Executing a manipulation of the argument emailid can lead to sql injection. The attack can be launched remotely. The exploit has been made availabl...
CVE-2026-9542 CodeAstro Leave Management System add_staff.php sql injection
A weakness has been identified in CodeAstro Leave Management System 1.0. The affected element is an unknown function of the file /admin/addstaff.php. Executing a manipulation of the argument emailid can lead to sql injection. The attack can be launched remotely. The exploit has been made availabl...
CVE-2026-9542 CodeAstro Leave Management System add_staff.php sql injection
A weakness has been identified in CodeAstro Leave Management System 1.0. The affected element is an unknown function of the file /admin/addstaff.php. Executing a manipulation of the argument emailid can lead to sql injection. The attack can be launched remotely. The exploit has been made availabl...
EUVD-2026-31815
A weakness has been identified in CodeAstro Leave Management System 1.0. The affected element is an unknown function of the file /admin/addstaff.php. Executing a manipulation of the argument emailid can lead to sql injection. The attack can be launched remotely. The exploit has been made availabl...
CVE-2026-9542
A weakness has been identified in CodeAstro Leave Management System 1.0. The affected element is an unknown function of the file /admin/addstaff.php. Executing a manipulation of the argument emailid can lead to sql injection. The attack can be launched remotely. The exploit has been made availabl...
CVE-2026-9542
CodeAstro Leave Management System 1.0 has a SQL injection vulnerability in /admin/add_staff.php via manipulating the email_id parameter. The issue arises from an as‑yet unnamed function and is exploitable remotely, with public exploits available. CVSS metrics are provided (e.g., COND/PR/L impacts...
CodeAstro Leave Management System SQL注入漏洞
The CodeAstro Leave Management System is a leave management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Leave Management System has a SQL injection vulnerability. This vulnerability arises from improper handling of the emailid parameter by an unknown function in the file...
CVE-2026-0730
A flaw has been found in PHPGurukul Staff Leave Management System 1.0. The affected element is the function ADDSTAFF/UPDATESTAFF of the file /staffleave/slms/slms/adminviews.py of the component SVG File Handler. Executing a manipulation of the argument profilepic can lead to cross site scripting...
EUVD-2026-1658
A flaw has been found in PHPGurukul Staff Leave Management System 1.0. The affected element is the function ADDSTAFF/UPDATESTAFF of the file /staffleave/slms/slms/adminviews.py of the component SVG File Handler. Executing a manipulation of the argument profilepic can lead to cross site scripting...
CVE-2026-0730
PHPGurukul Staff Leave Management System 1.0 is affected by a cross-site scripting vulnerability in the SVG File Handler, specifically the ADD_STAFF/UPDATE_STAFF function in /staffleave/slms/slms/adminviews.py. Manipulating the profile_pic argument can trigger XSS, with remote exploitation report...
PT-2026-1980
Name of the Vulnerable Software and Affected Versions PHPGurukul Staff Leave Management System version 1.0 Description A flaw exists in PHPGurukul Staff Leave Management System 1.0 related to cross-site scripting. The issue is located in the ADD STAFF/UPDATE STAFF function within the...
CVE-2025-6604
A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/add-staff.php. The manipulation of the argument Name leads to sql injection. It is possible to initiate the attack remotely. The exploit has be...
SourceCodester Best Salon Management System 安全漏洞
SourceCodester Best Salon Management System is a SourceCodester open source salon management system. A security vulnerability exists in SourceCodester Best Salon Management System version 1.0, which stems from the improper handling of the parameter Name in the file /panel/add-staff.php, which cou...
CVE-2024-9941
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the MJgmgtaddstaffmember function in all versions up to, and including, 67.1.0. This makes it possible for authenticated attackers, with subscriber-level...
CVE-2024-9323
A vulnerability was found in SourceCodester Inventory Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /app/action/addstaff.php. The manipulation leads to cross site scripting. The attack can be launched remotely. T...
Inventory Management System 跨站脚本漏洞
Inventory Management System is an inventory management system for stemword individual developers. A cross-site scripting vulnerability exists in SourceCodester Inventory Management System version 1.0, which stems from a cross-site scripting issue contained in the /app/action/addstaff.php page...