Vulnerabilities > Online Leave Management System Project

DATE CVE VULNERABILITY TITLE RISK
2022-12-07 CVE-2022-45008 Cross-site Scripting vulnerability in Online Leave Management System Project Online Leave Management System 1.0
Online Leave Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /leave_system/admin/?page=maintenance/department. 		4.8
4.8
2022-12-07 CVE-2022-45009 Unrestricted Upload of File with Dangerous Type vulnerability in Online Leave Management System Project Online Leave Management System 1.0
Online Leave Management System v1.0 was discovered to contain an arbitrary file upload vulnerability at /leave_system/classes/SystemSettings.php?f=update_settings. 		7.2
7.2
2022-11-17 CVE-2022-43179 SQL Injection vulnerability in Online Leave Management System Project Online Leave Management System 1.0
Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /admin/?page=user/manage_user&id=. 		7.2
7.2
2022-10-07 CVE-2022-41379 Unrestricted Upload of File with Dangerous Type vulnerability in Online Leave Management System Project Online Leave Management System 1.0
An arbitrary file upload vulnerability in the component /leave_system/classes/Users.php?f=save of Online Leave Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. 		7.2
7.2
2022-10-06 CVE-2022-41355 SQL Injection vulnerability in Online Leave Management System Project Online Leave Management System 1.0
Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /leave_system/classes/Master.php?f=delete_department. 		7.2
7.2
2022-09-26 CVE-2022-40926 SQL Injection vulnerability in Online Leave Management System Project Online Leave Management System 1.0
Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_leave_type. 		7.2
7.2
2022-09-26 CVE-2022-40927 SQL Injection vulnerability in Online Leave Management System Project Online Leave Management System 1.0
Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_designation. 		7.2
7.2
2022-09-26 CVE-2022-40928 SQL Injection vulnerability in Online Leave Management System Project Online Leave Management System 1.0
Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_application. 		7.2
7.2
2022-09-12 CVE-2022-38302 SQL Injection vulnerability in Online Leave Management System Project Online Leave Management System 1.0
Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /maintenance/manage_department.php. 		7.2
7.2
2022-09-12 CVE-2022-38303 SQL Injection vulnerability in Online Leave Management System Project Online Leave Management System 1.0
Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /employees/manage_leave_type.php. 		7.2
7.2