CVE-2025-11114

Medium CVSS: 5.3

A flaw has been found in CodeAstro Online Leave Application 1.0. Affected by this vulnerability is an unknown functionality of the file /leaveAplicationForm.php. Executing manipulation of the argument absence[] can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used.

Vendor

Codeastro

Product

Online Leave Application

CWE

CWE-74

Yayın Tarihi

2025-09-28 18:15:35

Güncelleme

2025-10-02 18:40:22

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-74 Online Leave Application MEDIUM Codeastro 2025

Referanslar

https://codeastro.com/ https://github.com/yihaofuweng/cve/issues/40 https://vuldb.com/?ctiid.326195 https://vuldb.com/?id.326195 https://vuldb.com/?submit.662699

Benzer Kayıtlar

Medium

CVE-2026-3137

A security vulnerability has been detected in CodeAstro Food Ordering System 1.0. This affects an unknown function of th…

Critical

CVE-2025-70150

CodeAstro Membership Management System 1.0 contains a missing authentication vulnerability in delete_members.php that al…

High

CVE-2025-70148

Missing authentication and authorization in print_membership_card.php in CodeAstro Membership Management System 1.0 allo…

Critical

CVE-2025-70149

CodeAstro Membership Management System 1.0 is vulnerable to SQL Injection in print_membership_card.php via the ID parame…

Medium

CVE-2025-14899

A weakness has been identified in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the f…

Medium

CVE-2025-14900

A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. Affected is an unknown functi…