CNNVD-202601-870 Information

CNNVD ID

CNNVD-202601-870

Related CVE

CVE-2025-67315

• CNNVD Published: 2026-01-05

Description (Chinese)

PHPGurukul Employee Leave Management System是PHPGurukul公司的一个员工休假管理系统。 PHPGurukul Employee Leave Management System 2.1版本存在安全漏洞，该漏洞源于manage-employee.php组件存在跨站请求伪造，可能导致权限提升。

Description (English)

PHPGurukul Employee Leave Management System is an employee leave management system for PHPGurukul. PHPGurukul Employe Leave Management System version 2.1 contains a security loophole, which stems from the existence of cross-site requests for forgery of the Manage-employee.php component, which may lead to increased access.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

PHPGurukul

Published

2026-01-05

Last Modified

2026-02-24

References

https://github.com/r-pradyun/CVE-2025-67315 https://phpgurukul.com/employee-leaves-management-system-elms/ https://access.redhat.com/security/cve/cve-2025-67315