SQL Injection in SourceCodester Online Employees Work From Home Attendance System

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

2.7

SQL Injection in SourceCodester Online Employees Work From Home Attendance System

CVE-2026-37593

Summary

The SourceCodester Online Employees Work From Home Attendance System has a weakness in how it handles user input, which could allow an attacker to access sensitive data or take control of the system. This could happen if an attacker sends special, malicious input to the system. To stay safe, update the system to the latest version or apply the recommended patches.

Original title

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/view_att.php.

Original description

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/view_att.php.

Vulnerability type

CWE-89 SQL Injection

https://github.com/shininadd/cve_report/blob/main/sourcecodester/online-employee...

Published: 14 Apr 2026 · Updated: 15 Apr 2026 · First seen: 14 Apr 2026