Codeastro · Codeastro Online Leave Application · CVE-2025-11113
**Name of the Vulnerable Software and Affected Versions**
CodeAstro Online Leave Application version 1.0
**Description**
A flaw exists in CodeAstro Online Leave Application version 1.0 that allows for SQL injection. The issue is located in the `/signup.php` file, specifically through manipulation of the `city` argument. This can be initiated remotely. The exploit is publicly available. Other parameters may also be affected.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.