3 matches found
CVE-2022-45009
Online Leave Management System v1.0 was discovered to contain an arbitrary file upload vulnerability at /leavesystem/classes/SystemSettings.php?f=updatesettings. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-45009
Online Leave Management System v1.0 was discovered to contain an arbitrary file upload vulnerability at /leavesystem/classes/SystemSettings.php?f=updatesettings. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-45009
CVE-2022-45009 affects Online Leave Management System v1.0. The issue is an arbitrary file upload vulnerability in the SystemSettings.php endpoint (/leave_system/classes/SystemSettings.php?f=update_settings) that can allow an attacker to execute arbitrary PHP code via a crafted file. The primary ...