PT-2026-43038 · Code Projects · Employee Management System
Ssl_Seven_Security_Lab_Wangzhiqiang_Zhanxiuchen
·
Published
2026-05-25
·
Updated
2026-05-25
·
CVE-2026-9451
CVSS v3.1
6.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
A weakness has been identified in code-projects Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /process/applyleaveprocess.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.
Exploit
SQL injection
Special Elements Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Employee Management System