High severity7.3NVD Advisory· Published Mar 31, 2026· Updated Apr 29, 2026

CVE-2026-5210

Description

A vulnerability was detected in SourceCodester Leave Application System 1.0. This affects an unknown part. Performing a manipulation of the argument page results in file inclusion. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

medium.com/@hemantrajbhati5555/local-file-inclusion-lfi-in-leave-application-system-php-sqlite3-4e095bb7ee40nvd
vuldb.com/submit/780419nvd
vuldb.com/vuln/354346nvd
vuldb.com/vuln/354346/ctinvd
www.sourcecodester.comnvd

News mentions

No linked articles in our index yet.

cvss	0.474
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000