CVE-2026-11506 | CodeAstro Leave Management System 1.0 search_staff_for_deletion.php Name sql injection

Inserito da Angelo Barbosa | Giu 7, 2026 | CVE

A vulnerability, which was classified as critical, has been found in CodeAstro Leave Management System 1.0. This impacts an unknown function of the file /admin/search_staff_for_deletion.php. The manipulation of the argument Name leads to sql injection.

This vulnerability is referenced as CVE-2026-11506. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

CVE-2026-11506 | CodeAstro Leave Management System 1.0 search_staff_for_deletion.php Name sql injection

Post correlati

CVE-2024-49649 | Abdul Hakeem Build App Online Plugin up to 1.0.23 on WordPress Include/Require filename control

CVE-2025-6035 | GIMP Despeckle Plugin integer overflow

CVE-2026-4221 | Tiandy Easy7 Integrated Management Platform 7.17.0 Endpoint uploadLedImage File unrestricted upload

CVE-2024-46049 | Tenda O6 1.0.0.7(2054) /goform/exeCommand formexeCommand cmdinput stack-based overflow