Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setcasualleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Fluid Attacks
Published: 2023-10-27T20:52:46.311Z
Updated: 2024-09-09T17:14:16.879Z
Reserved: 2023-09-29T14:42:05.477Z
Link: CVE-2023-44480
Vulnrichment
Updated: 2024-08-02T20:07:33.448Z
NVD
Status : Modified
Published: 2023-10-27T21:15:09.530
Modified: 2023-11-08T16:15:09.607
Link: CVE-2023-44480
Redhat
No data.