CVE-2026-11507
MEDIUM NVDCVSS Score
6.3
Severity
MEDIUM
Source
NVD
Published
Jun 08, 2026
Description
A vulnerability was found in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /admin/delete_leave_type.php. The manipulation of the argument leave_type results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used.