Online Leave Management System
online_leave_management_system
Vendor: Online Leave Management System Project • 12 CVEs
CVEs (12)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Online Leave Management System Project 1Online Leave Management System Apr 23, 2025 Dec 7, 2022 N/A· v4 7.2 HIGH· v3 N/A· v2 Online Leave Management System v1.0 was discovered to contain an arbitrary file upload vulnerability at /leave_system/classes/SystemSettings.php?f=update_settings. This vulnerability allows attackers to execute arbitrary...Show more |
1Online Leave Management System Project 1Online Leave Management System Apr 23, 2025 Dec 7, 2022 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Online Leave Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /leave_system/admin/?page=maintenance/department. This vulnerability allows attackers to ex...Show more |
1Online Leave Management System Project 1Online Leave Management System Apr 29, 2025 Nov 17, 2022 N/A· v4 7.2 HIGH· v3 N/A· v2 Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /admin/?page=user/manage_user&id=. |
1Online Leave Management System Project 1Online Leave Management System Nov 21, 2024 Oct 7, 2022 N/A· v4 7.2 HIGH· v3 N/A· v2 An arbitrary file upload vulnerability in the component /leave_system/classes/Users.php?f=save of Online Leave Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. |
1Online Leave Management System Project 1Online Leave Management System Nov 21, 2024 Oct 6, 2022 N/A· v4 7.2 HIGH· v3 N/A· v2 Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /leave_system/classes/Master.php?f=delete_department. |
1Online Leave Management System Project 1Online Leave Management System May 21, 2025 Sep 26, 2022 N/A· v4 7.2 HIGH· v3 N/A· v2 Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_application. |
1Online Leave Management System Project 1Online Leave Management System May 21, 2025 Sep 26, 2022 N/A· v4 7.2 HIGH· v3 N/A· v2 Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_designation. |
1Online Leave Management System Project 1Online Leave Management System May 21, 2025 Sep 26, 2022 N/A· v4 7.2 HIGH· v3 N/A· v2 Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_leave_type. |
1Online Leave Management System Project 1Online Leave Management System Nov 21, 2024 Sep 12, 2022 N/A· v4 7.2 HIGH· v3 N/A· v2 Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /maintenance/manage_leave_type.php. |
1Online Leave Management System Project 1Online Leave Management System Nov 21, 2024 Sep 12, 2022 N/A· v4 7.2 HIGH· v3 N/A· v2 Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /employees/manage_leave_type.php. |
1Online Leave Management System Project 1Online Leave Management System Nov 21, 2024 Sep 12, 2022 N/A· v4 7.2 HIGH· v3 N/A· v2 Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /maintenance/manage_department.php. |
1Online Leave Management System Project 1Online Leave Management System Nov 21, 2024 Jan 21, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 SQL injection vulnerability in Sourcecodester Online Leave Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter to /leave_system/classes/Login.php. |