← volver
CVE-2025-11113

CodeAstro Online Leave Application signup.php sql injection

CVSS 5.3 MEDIUMEPSS 0.3%CWE-74CWE-89
A vulnerability was detected in CodeAstro Online Leave Application 1.0. Affected is an unknown function of the file /signup.php. Performing manipulation of the argument city results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used. Other parameters might be affected as well.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Productos afectados
CodeAstro · Online Leave Application

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://codeastro.com/https://github.com/yihaofuweng/cve/issues/39https://vuldb.com/?ctiid.326194https://vuldb.com/?id.326194https://vuldb.com/?submit.662695