إرسال #855188: codeastro Simple Online Leave Management System V1.0 SQL Injectionالمعلومات

عنوانcodeastro Simple Online Leave Management System V1.0 SQL Injection
الوصفDuring a security review of Simple Online Leave Management System V1.0, a critical SQL injection vulnerability was discovered in the /SimpleOnlineLeave/admin/deletemp.php file. The vulnerability occurs because the id GET parameter is not properly validated or sanitized before being used in SQL queries. An attacker can craft a malicious request to inject SQL payloads, potentially resulting in unauthorized database access, data leakage, data modification, or data deletion. Immediate remediation is recommended to protect the system and ensure database integrity.
المصدر⚠️ https://github.com/sl1der-fr0g/Findings/issues/2
المستخدم
 cshwswwsshd99 (UID 98516)
ارسال10/06/2026 05:18 PM (1 شهر منذ)
الاعتدال13/07/2026 07:05 AM (1 month later)
الحالةتمت الموافقة
إدخال VulDB377907 [CodeAstro Simple Online Leave Management System 1.0 deletemp.php معرف حقن SQL]
النقاط20

Do you know our Splunk app?

Download it now for free!