CVE-2026-15559

Severity CVSS v4.0:
LOW
Type:
CWE-74 Injection
Publication date:
13/07/2026
Last modified:
13/07/2026

Description

A vulnerability was detected in CodeAstro Simple Online Leave Management System 1.0. This affects an unknown part of the file /SimpleOnlineLeave/admin/accept.php of the component POST Handler. Performing a manipulation of the argument appid results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used.