제출 #855188: codeastro Simple Online Leave Management System V1.0 SQL Injection정보

제목codeastro Simple Online Leave Management System V1.0 SQL Injection
설명During a security review of Simple Online Leave Management System V1.0, a critical SQL injection vulnerability was discovered in the /SimpleOnlineLeave/admin/deletemp.php file. The vulnerability occurs because the id GET parameter is not properly validated or sanitized before being used in SQL queries. An attacker can craft a malicious request to inject SQL payloads, potentially resulting in unauthorized database access, data leakage, data modification, or data deletion. Immediate remediation is recommended to protect the system and ensure database integrity.
원천⚠️ https://github.com/sl1der-fr0g/Findings/issues/2
사용자
 cshwswwsshd99 (UID 98516)
제출2026. 06. 10. PM 05:18 (1 월 ago)
모더레이션2026. 07. 13. AM 07:05 (1 month later)
상태수락
VulDB 항목377907 [CodeAstro Simple Online Leave Management System 1.0 deletemp.php 아이디 SQL 주입]
포인트들20

Interested in the pricing of exploits?

See the underground prices here!