Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setsickleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
projectworlds leave management system 1.0 |