A vulnerability was found in CodeAstro Simple Online Leave Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /SimpleOnlineLeave/admin/deletemp.php. Such manipulation of the argument ID leads to sql injection.
This vulnerability is documented as CVE-2026-15558. The attack can be executed remotely. Additionally, an exploit exists.