This page lists publicly disclosed CVE vulnerabilities affecting codeastro online_leave_application (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-11114 | A flaw has been found in CodeAstro Online Leave Application 1.0. Affected by this vulnerability is an unknown functionality of the file /leaveAplicationForm.php. Executing manipulation of the argument absence[] can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used. | [email protected] | 2.1 | 0.34% | 2025-09-28 | 2026-04-29 |
| CVE-2025-11113 | A vulnerability was detected in CodeAstro Online Leave Application 1.0. Affected is an unknown function of the file /signup.php. Performing manipulation of the argument city results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used. Other parameters might be affected as well. | [email protected] | 2.1 | 0.34% | 2025-09-28 | 2026-04-29 |