CVE-2026-11508 | CodeAstro Leave Management System 1.0 search_staff_to_assign_pc.php Name sql injection

Inserito da Angelo Barbosa | Giu 7, 2026 | CVE

A vulnerability has been found in CodeAstro Leave Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/search_staff_to_assign_pc.php. This manipulation of the argument Name causes sql injection.

This vulnerability is tracked as CVE-2026-11508. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2026-11508 | CodeAstro Leave Management System 1.0 search_staff_to_assign_pc.php Name sql injection

Post correlati

CVE-2025-30190 | Open-Xchange OX App Suite cross site scripting (adv-2025-0003)

CVE-2026-34942 | bytecodealliance wasmtime up to 24.0.6/36.0.6/42.0.1/44.0.0 array index (GHSA-jxhv-7h78-9775)

CVE-2024-44008 | Dylan Kuhn Geo Mashup Plugin up to 1.13.12 on WordPress cross site scripting

CVE-2024-1477 | aankit Easy Maintenance Mode Plugin up to 1.4.2 on WordPress REST API information disclosure