CVE-2022-45009EPSS p59.4%
CVE-2022-45009CVE-2022-45009
online_leave_management_system_project / online_leave_management_system
Description
Online Leave Management System v1.0 was discovered to contain an arbitrary file upload vulnerability at /leave_system/classes/SystemSettings.php?f=update_settings. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
Scoring
| CVSS | 7.2 () |
| Vector | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| EPSS | 1.03% probability of exploitation · percentile 59.4% · 2026-06-19T12:03:05Z |
| Last modified | 2026-06-17 |