Phpgurukul: >> Employee Leave Management System >> 2.1 Security Vulnerabilities
PHPGurukul Employee Leave Management System 2.1 contains an Insecure Direct Object Reference (IDOR) vulnerability in leave-details.php. An authenticated user can change the leaveid parameter in the URL to access leave application details of other users.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-09-02