CodeAstro Leave Management System search_staff_for_deletion.php sql injection_CVE-2026-11506

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in CodeAstro Leave Management System 1.0. This impacts an unknown function of the file /admin/search_staff_for_deletion.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2026-11506

Source VulDB

Published Jun 8, 2026 at 10:30

Affected Product

Vendor CodeAstro

Product Leave Management System

Version 1.0

Affected Versions CodeAstro Leave Management System 1.0

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in CodeAstro Leave Management System 1.0. This impacts an unknown function of the file /admin/search_staff_for_deletion.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.",
    "published": "2026-06-08T10:30:11.488Z",
    "modified": "2026-06-08T10:30:11.488Z",
    "type": "cve",
    "title": "CodeAstro Leave Management System search_staff_for_deletion.php sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/369126\nhttps://vuldb.com/vuln/369126/cti\nhttps://vuldb.com/cve/CVE-2026-11506\nhttps://vuldb.com/submit/835731\nhttps://github.com/jimages/PoC/issues/1\nhttps://codeastro.com/",
    "id": "CVE-2026-11506",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "CodeAstro Leave Management System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Leave Management System",
    "version": "1.0",
    "vendor": "CodeAstro",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}