cvedb.io
CVE-2025-11113
MEDIUM · CVSS 6.3
EPSS exploitation probability: 0%
Published 2025-09-28T18:15:35.633 · Last modified 2026-06-17T08:29:40.890

Summary

A vulnerability was detected in CodeAstro Online Leave Application 1.0. Affected is an unknown function of the file /signup.php. Performing manipulation of the argument city results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used. Other parameters might be affected as well.

Affected products

codeastro — online_leave_application

Does this affect you?

Add your gear to cvedb and we'll alert you only when codeastro ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.