Snife

**Name of the Vulnerable Software and Affected Versions** CodeAstro Online Leave Application version 1.0 **Description** A flaw exists in CodeAstro Online Leave Application 1.0 related to an unknown functionality within the `/leaveAplicationForm.php` file. Manipulation of the `absence[]` argument can lead to SQL injection, potentially allowing remote attacks. The exploit has been published. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Simple Scheduling System version 1.0 **Description** A flaw exists in an unknown functionality within the `/addtime.php` file. The manipulation of the `starttime`/`endtime` argument can lead to a SQL injection. Remote exploitation is possible. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.