CVE-2026-5210 PUBLISHED

A vulnerability was detected in SourceCodester Leave Application System 1.0. This affects an unknown part. Performing a manipulation of the argument page results in file inclusion. Remote exploitation of the attack is possible. The exploit is now public and may be used.

• Hemant Raj Bhati (VulDB User) reporter

• VDB-354346 | SourceCodester Leave Application System file inclusion
• VDB-354346 | CTI Indicators (IOB, IOC, IOA)
• Submit #780419 | SourceCodester Leave Application System in PHP and SQLite3 1.0 Local File Inclusion
• https://medium.com/@hemantrajbhati5555/local-file-inclusion-lfi-in-leave-application-system-php-sqlite3-4e095bb7ee40
• https://www.sourcecodester.com/

• File Inclusion CWE