CodeAstro Leave Management System add_leave.php sql injection_CVE-2026-11510

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A security flaw has been discovered in CodeAstro Leave Management System 1.0. This affects an unknown part of the file /admin/add_leave.php. Performing a manipulation of the argument type_of_leave results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks.

Basic Information

ID CVE-2026-11510

Source VulDB

Published Jun 8, 2026 at 11:30

Affected Product

Vendor CodeAstro

Product Leave Management System

Version 1.0

Affected Versions CodeAstro Leave Management System 1.0

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A security flaw has been discovered in CodeAstro Leave Management System 1.0. This affects an unknown part of the file /admin/add_leave.php. Performing a manipulation of the argument type_of_leave results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks.",
    "published": "2026-06-08T11:30:10.281Z",
    "modified": "2026-06-08T11:30:10.281Z",
    "type": "cve",
    "title": "CodeAstro Leave Management System add_leave.php sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/369130\nhttps://vuldb.com/vuln/369130/cti\nhttps://vuldb.com/cve/CVE-2026-11510\nhttps://vuldb.com/submit/836789\nhttps://github.com/Andelstander/cve/issues/3\nhttps://codeastro.com/",
    "id": "CVE-2026-11510",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "CodeAstro Leave Management System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Leave Management System",
    "version": "1.0",
    "vendor": "CodeAstro",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}