Online Leave Management System Project Online Leave Management System — known CVE vulnerabilities
Every CVE whose affected-product data names Online Leave Management System Project Online Leave Management System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2021-40595 — CVSS 9.8 (critical): SQL injection vulnerability in Sourcecodester Online Leave Management System v1 by oretnom23, allows attackers to execute arbitrary SQL…
CVE-2022-38302 — CVSS 7.2 (high): Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /maintenance/manage_depa…
CVE-2022-38303 — CVSS 7.2 (high): Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /employees/manage_leave_…
CVE-2022-38304 — CVSS 7.2 (high): Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /maintenance/manage_leav…
CVE-2022-40926 — CVSS 7.2 (high): Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_leave_type.
CVE-2022-40927 — CVSS 7.2 (high): Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_designation.
CVE-2022-40928 — CVSS 7.2 (high): Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_application.
CVE-2022-41355 — CVSS 7.2 (high): Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /leave_system/classes/Ma…
CVE-2022-41379 — CVSS 7.2 (high): An arbitrary file upload vulnerability in the component /leave_system/classes/Users.php?f=save of Online Leave Management System v1.0…
CVE-2022-43179 — CVSS 7.2 (high): Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /admin/?page=user/manage_user&…
CVE-2022-45009 — CVSS 7.2 (high): Online Leave Management System v1.0 was discovered to contain an arbitrary file upload vulnerability at /leave_system/classes/SystemSettings…
CVE-2022-45008 — CVSS 4.8 (medium): Online Leave Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component…