CVE-2025-67315

Description

Cross Site Request Forgery vulnerability in Employee Leave Management System v.2.1 allows a remote attacker to escalate privileges via the manage-employee.php component

PUBLISHED Reserved 2025-12-08 | Published 2026-01-05 | Updated 2026-01-05 | Assigner mitre

References

phpgurukul.com/employee-leaves-management-system-elms/

github.com/r-pradyun/CVE-2025-67315

cve.org (CVE-2025-67315)

nvd.nist.gov (CVE-2025-67315)

Download JSON