CVE-2026-9542 – CodeAstro Leave Management System add_staff.php sql injection

CVE ID :CVE-2026-9542

Published : May 26, 2026, 2:16 p.m. | 15 minutes ago

Description :A weakness has been identified in CodeAstro Leave Management System 1.0. The affected element is an unknown function of the file /admin/add_staff.php. Executing a manipulation of the argument email_id can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-9544 – Shenzhen Sixun Software Sixun Shanghui Group Business Management System PayConfig sql injection

CVE-2026-9543 – Totolink N300RH Web Management cstecgi.cgi setPasswordCfg os command injection

CVE-2026-9541 – Squirrel Cnut File sqobject.cpp ReadObject heap-based overflow

CVE-2026-9540 – vllm-project vllm OpenAI-compatible Serving Path denial of service