जमा करें #855189: codeastro Simple Online Leave Management System V1.0 SQL Injectionजानकारी

शीर्षकcodeastro Simple Online Leave Management System V1.0 SQL Injection
विवरणDuring a security review of Simple Online Leave Management System V1.0, a critical SQL injection vulnerability was discovered in the /SimpleOnlineLeave/admin/accept.php file. The vulnerability occurs because the appid POST parameter is not properly validated or sanitized before being used in SQL queries. An attacker can craft a malicious POST request containing SQL injection payloads, potentially resulting in unauthorized database access, data leakage, data modification, or data deletion. Immediate remediation is recommended to protect the system and ensure database integrity.
स्रोत⚠️ https://github.com/sl1der-fr0g/Findings/issues/3
उपयोगकर्ता
 cshwswwsshd99 (UID 98516)
सबमिशन10/06/2026 05:19 PM (1 महीना पहले)
संयम13/07/2026 07:05 AM (1 month later)
स्थितिस्वीकृत
VulDB प्रविष्टि377908 [CodeAstro Simple Online Leave Management System 1.0 POST accept.php appid SQL इंजेक्शन]
अंक20

Interested in the pricing of exploits?

See the underground prices here!