CVE-2026-11509

MEDIUM NVD

CVSS Score 6.3

Severity MEDIUM

Published Jun 08, 2026

Vendor unknown

Description

A vulnerability was identified in CodeAstro Leave Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/search_staff_for_updation.php. Such manipulation of the argument Name leads to sql injection. The attack may be performed from remote.

References

https://codeastro.com/
https://vuldb.com/cve/CVE-2026-11509
https://vuldb.com/submit/836788
https://vuldb.com/vuln/369129
https://vuldb.com/vuln/369129/cti