CVE-2026-15559
MEDIUM
NVD
CVSS Score
6.3
Severity
MEDIUM
Published
Jul 13, 2026
Vendor
unknown
Description
A vulnerability was detected in CodeAstro Simple Online Leave Management System 1.0. This affects an unknown part of the file /SimpleOnlineLeave/admin/accept.php of the component POST Handler. Performing a manipulation of the argument appid results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used.