Lucene search
K

1519 matches found

CVE
CVE
added yesterday8 views

CVE-2026-15559

CodeAstro Simple Online Leave Management System 1.0 contains a SQL injection vulnerability in the POST handler: /SimpleOnlineLeave/admin/accept.php, caused by manipulating the argument appid. This allows remote exploitation and is publicly available. The CVE documents do not provide patch/version...

6.5CVSS6.5AI score
Exploits0References6
CVE
CVE
added yesterday10 views

CVE-2026-15558

CodeAstro Simple Online Leave Management System 1.0 is affected by CVE-2026-15558. The vulnerability resides in /admin/deletemp.php where manipulation of the ID parameter leads to SQL injection. The issue allows remote exploitation, and public exploit disclosure increases risk. The CVSS metrics i...

6.5CVSS6.5AI score
Exploits0References6
NVD
NVD
added yesterday6 views

CVE-2026-15523

A weakness has been identified in CodeAstro Simple Online Leave Management System 1.0. Affected by this issue is some unknown functionality of the file /SimpleOnlineLeave/admin/dashboard.php. This manipulation of the argument Name causes sql injection. The attack can be initiated remotely. The...

6.5CVSS0.002EPSS
Exploits0References6
EUVD
EUVD
added yesterday6 views

EUVD-2026-43265

A weakness has been identified in CodeAstro Simple Online Leave Management System 1.0. Affected by this issue is some unknown functionality of the file /SimpleOnlineLeave/admin/dashboard.php. This manipulation of the argument Name causes sql injection. The attack can be initiated remotely. The...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
Cvelist
Cvelist
added yesterday27 views

CVE-2026-15523 CodeAstro Simple Online Leave Management System dashboard.php sql injection

A weakness has been identified in CodeAstro Simple Online Leave Management System 1.0. Affected by this issue is some unknown functionality of the file /SimpleOnlineLeave/admin/dashboard.php. This manipulation of the argument Name causes sql injection. The attack can be initiated remotely. The...

6.5CVSS0.002EPSS
Exploits0References6
CVE
CVE
added yesterday10 views

CVE-2026-15523

CVE-2026-15523 affects CodeAstro Simple Online Leave Management System 1.0. The vulnerability is in the /SimpleOnlineLeave/admin/dashboard.php file, where manipulation of the Name argument enables SQL injection. The issue can be triggered remotely and a public exploit is available. The supplied s...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-57808

Name of the Vulnerable Software and Affected Versions CodeAstro Simple Online Leave Management System version 1.0 Description Remote SQL injection is possible due to improper handling of the ID variable in the '/SimpleOnlineLeave/admin/deletemp.php' endpoint. SQL injection is a technique where an...

6.5CVSS6.7AI score
Exploits0References9
EUVD
EUVD
added 5 days ago8 views

EUVD-2026-42490

A vulnerability was determined in CodeAstro Simple Online Leave Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /SimpleOnlineLeave/index.php. Executing a manipulation of the argument email can lead to sql injection. The attack may be performed from...

7.5CVSS6.9AI score0.00263EPSS
Exploits0References7
NVD
NVD
added 5 days ago9 views

CVE-2026-15134

A vulnerability was determined in CodeAstro Simple Online Leave Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /SimpleOnlineLeave/index.php. Executing a manipulation of the argument email can lead to sql injection. The attack may be performed from...

7.5CVSS0.00263EPSS
Exploits0References6
Cvelist
Cvelist
added 6 days ago30 views

CVE-2026-15134 CodeAstro Simple Online Leave Management System index.php sql injection

A vulnerability was determined in CodeAstro Simple Online Leave Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /SimpleOnlineLeave/index.php. Executing a manipulation of the argument email can lead to sql injection. The attack may be performed from...

7.5CVSS0.00263EPSS
Exploits0References6
CVE
CVE
added 6 days ago9 views

CVE-2026-15134

CodeAstro Simple Online Leave Management System 1.0 contains a SQL injection vulnerability in the /SimpleOnlineLeave/index.php endpoint, triggered by manipulating the email parameter. The issue is exploitable remotely over the network, with Proof-of-Concept exploits observed. The CVSS data indica...

7.5CVSS6.9AI score0.00263EPSS
Exploits0References6
NVD
NVD
added 2026/07/06 6:16 a.m.12 views

CVE-2026-14798

A vulnerability was identified in CodeAstro Apartment Visitor Management System 1.0. This issue affects some unknown processing of the file /apartment-visitor/visitor-entry.php. The manipulation of the argument visname leads to sql injection. The attack can be initiated remotely. The exploit is...

6.5CVSS0.002EPSS
Exploits0References6
NVD
NVD
added 2026/07/06 6:16 a.m.10 views

CVE-2026-14797

A vulnerability was determined in CodeAstro Apartment Visitor Management System 1.0. This vulnerability affects unknown code of the file /apartment-visitor/edit-apartment.php. Executing a manipulation of the argument editid can lead to sql injection. It is possible to launch the attack remotely...

6.5CVSS0.002EPSS
Exploits0References6
NVD
NVD
added 2026/07/06 6:16 a.m.10 views

CVE-2026-14799

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. Impacted is an unknown function of the file /customer/myaccount.php?mywishlist. The manipulation of the argument deletewishlist results in sql injection. The attack can be launched remotely. The exploit has been released to t...

6.5CVSS0.00204EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/06 5:45 a.m.6 views

CVE-2026-14799

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. Impacted is an unknown function of the file /customer/myaccount.php?mywishlist. The manipulation of the argument deletewishlist results in sql injection. The attack can be launched remotely. The exploit has been released to t...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/07/06 5:45 a.m.36 views

CVE-2026-14799 CodeAstro Ecommerce Website my_account.php sql injection

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. Impacted is an unknown function of the file /customer/myaccount.php?mywishlist. The manipulation of the argument deletewishlist results in sql injection. The attack can be launched remotely. The exploit has been released to t...

6.5CVSS0.00204EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/06 5:45 a.m.8 views

EUVD-2026-41810

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. Impacted is an unknown function of the file /customer/myaccount.php?mywishlist. The manipulation of the argument deletewishlist results in sql injection. The attack can be launched remotely. The exploit has been released to t...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6
CVE
CVE
added 2026/07/06 5:45 a.m.12 views

CVE-2026-14799

CodeAstro Ecommerce Website 1.0 is affected by CVE-2026-14799 due to a SQL injection in /customer/my_account.php?my_wishlist when manipulating the delete_wishlist argument. The issue is exploitable remotely with a low-privilege, no-user-interaction path (network vector, low complexity; exploit ma...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6
NVD
NVD
added 2026/07/06 5:16 a.m.12 views

CVE-2026-14796

A vulnerability was found in CodeAstro Apartment Visitor Management System 1.0. This affects an unknown part of the file /apartment-visitor/report.php. Performing a manipulation of the argument fromdate results in sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS0.00204EPSS
Exploits0References6
NVD
NVD
added 2026/07/06 5:16 a.m.11 views

CVE-2026-14795

A vulnerability has been found in CodeAstro Apartment Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /apartment-visitor/action-visitor.php. Such manipulation of the argument remark leads to sql injection. The attack may be performed from remote. Th...

6.5CVSS0.002EPSS
Exploits0References6
Rows per page
Query Builder