A vulnerability described as critical has been identified in CodeAstro Simple Online Leave Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /SimpleOnlineLeave/index.php. Executing a manipulation of the argument email can lead to sql injection.
This vulnerability appears as CVE-2026-15134. The attack may be performed from remote. In addition, an exploit is available.