CVE-2025-11432

Medium CVSS: 6.9

A vulnerability was identified in itsourcecode Leave Management System 1.0. This affects an unknown function of the file /reset.php. Such manipulation of the argument employid leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.

Vendor

Itsourcecode

Product

Leave Management System

CWE

CWE-74

Yayın Tarihi

2025-10-08 05:15:32

Güncelleme

2025-10-09 16:20:55

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-74 Leave Management System MEDIUM Itsourcecode 2025

Referanslar

https://github.com/romatdibrohiksnov/vulndb.com/tree/main/itsourcecode%20leave%20management%20system%20Bulk%20Password%20Reset%20SQL%20Injection https://itsourcecode.com/ https://vuldb.com/?ctiid.327369 https://vuldb.com/?id.327369 https://vuldb.com/?submit.666326 https://github.com/romatdibrohiksnov/vulndb.com/tree/main/itsourcecode%20leave%20management%20system%20Bulk%20Password%20Reset%20SQL%20Injection

Benzer Kayıtlar

Medium

CVE-2026-5334

A weakness has been identified in itsourcecode Online Enrollment System 1.0. Impacted is an unknown function of the file…

Medium

CVE-2026-3730

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknow…

Medium

CVE-2026-3261

A flaw has been found in itsourcecode School Management System 1.0. This impacts an unknown function of the file /settin…

Medium

CVE-2026-2939

A vulnerability was found in itsourcecode Student Management System 1.0. The impacted element is an unknown function of…

Medium

CVE-2026-2190

A security flaw has been discovered in itsourcecode School Management System 1.0. This impacts an unknown function of th…

Medium

CVE-2026-2189

A vulnerability was identified in itsourcecode School Management System 1.0. This affects an unknown function of the fil…