SQL Injection in Online Employees Attendance System Can Let Attackers Access Data

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

2.7

SQL Injection in Online Employees Attendance System Can Let Attackers Access Data

CVE-2026-37596

Summary

The Online Employees Work From Home Attendance System, version 1.0, has a security issue that could allow hackers to access sensitive information. If left unaddressed, this vulnerability could lead to data breaches and unauthorized access to your employee records. Update the system immediately to a fixed version to prevent potential data exposure.

Original title

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/manage_department.php.

Original description

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/manage_department.php.

Vulnerability type

CWE-89 SQL Injection

https://github.com/shininadd/cve_report/blob/main/sourcecodester/online-employee...

Published: 14 Apr 2026 · Updated: 15 Apr 2026 · First seen: 14 Apr 2026