CVE-2026-11507 | CodeAstro Leave Management System 1.0 delete_leave_type.php leave_type sql injection

Inserito da Angelo Barbosa | Giu 7, 2026 | CVE

A vulnerability, which was classified as critical, was found in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /admin/delete_leave_type.php. The manipulation of the argument leave_type results in sql injection.

This vulnerability is identified as CVE-2026-11507. The attack can be executed remotely. Additionally, an exploit exists.

CVE-2026-11507 | CodeAstro Leave Management System 1.0 delete_leave_type.php leave_type sql injection

Post correlati

CVE-2025-6018 | pam-config

CVE-2025-7078 | 07FLYCMS/07FLY-CMS/07FlyCRM up to 1.3.9 cross-site request forgery

CVE-2024-23289 | Apple watchOS Lock Screen state issue

CVE-2024-55881 | Linux Kernel up to 5.15.175/6.1.121/6.6.67/6.12.6 Hypercall Page arch/x86/kvm/x86.h complete_hypercall_exit state issue