PT-2025-41462 · Unknown · Simple Leave Manager
86Xx
·
Publicado
2025-10-09
·
Atualizado
2025-10-20
·
CVE-2025-11556
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Simple Leave Manager version 1.0
Description
A SQL injection issue exists in the Simple Leave Manager 1.0 application. The flaw is located in the
/user.php file and stems from improper handling of user-supplied input within the argument table, allowing manipulation of SQL queries. Remote exploitation is possible.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
SQL injection
Special Elements Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Simple Leave Manager