Codeastro Leave Management System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Codeastro Leave Management System.
By the Year
In 2026 there have been 6 vulnerabilities in Codeastro Leave Management System with an average score of 6.3 out of ten.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 6 | 6.30 |
It may take a day or so for new Leave Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Codeastro Leave Management System Security Vulnerabilities
Remote SQLi via admin/add_leave.php in CodeAstro LMT 1.0
CVE-2026-11510
6.3 - Medium
- June 08, 2026
A security flaw has been discovered in CodeAstro Leave Management System 1.0. This affects an unknown part of the file /admin/add_leave.php. Performing a manipulation of the argument type_of_leave results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks.
SQL Injection
CodeAstro LSM 1.0 SQLi in search_staff_for_updation.php
CVE-2026-11509
6.3 - Medium
- June 08, 2026
A vulnerability was identified in CodeAstro Leave Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/search_staff_for_updation.php. Such manipulation of the argument Name leads to sql injection. The attack may be performed from remote.
SQL Injection
CodeAstro LMS 1.0 Remote SQLi via /admin/search_staff_to_assign_pc.php
CVE-2026-11508
6.3 - Medium
- June 08, 2026
A vulnerability was determined in CodeAstro Leave Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/search_staff_to_assign_pc.php. This manipulation of the argument Name causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
SQL Injection
CodeAstro Leave Management System 1.0 - SQLi via /admin/delete_leave_type.php
CVE-2026-11507
6.3 - Medium
- June 08, 2026
A vulnerability was found in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /admin/delete_leave_type.php. The manipulation of the argument leave_type results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used.
SQL Injection
CVE-2026-11506: SQLi in CodeAstro LeaveMgmt 1.0/admin/search_staff_for_deletion.php
CVE-2026-11506
6.3 - Medium
- June 08, 2026
A vulnerability has been found in CodeAstro Leave Management System 1.0. This impacts an unknown function of the file /admin/search_staff_for_deletion.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
SQL Injection
CodeAstro LMS 1.0 SQL Injection in /admin/add_staff.php via email_id
CVE-2026-9542
6.3 - Medium
- May 26, 2026
A weakness has been identified in CodeAstro Leave Management System 1.0. The affected element is an unknown function of the file /admin/add_staff.php. Executing a manipulation of the argument email_id can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks.
SQL Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Codeastro Leave Management System or by Codeastro? Click the Watch button to subscribe.
