CVE-2025-11113 identifies a SQL injection vulnerability in CodeAstro Online Leave Application version 1.0, specifically within the /signup.php endpoint. The vulnerability arises from improper sanitization of the 'city' parameter, which is used directly in SQL queries without adequate validation or parameterization. This allows an attacker to inject malicious SQL code remotely without requiring authentication or user interaction. The vulnerability could enable attackers to extract sensitive information from the backend database, modify or delete data, or potentially escalate privileges depending on the database configuration. Although the CVSS 4.0 score is 5.3 (medium), reflecting limited impact on confidentiality, integrity, and availability, the presence of a public exploit increases the likelihood of exploitation. The vulnerability affects only version 1.0 of the product, and no patches have been officially released yet. The lack of authentication requirement and remote exploitability make this a significant risk for organizations using this software. The vulnerability could also affect other parameters, indicating a broader input validation issue. The attack vector is network-based, with low attack complexity and no user interaction needed, emphasizing the need for immediate remediation.

For European organizations, the impact of CVE-2025-11113 could include unauthorized access to sensitive employee data such as personal details, leave records, and possibly authentication credentials if stored insecurely. This could lead to privacy violations under GDPR, reputational damage, and potential regulatory penalties. Data integrity could be compromised if attackers modify or delete records, disrupting HR operations and payroll processes. Availability impact is limited but possible if attackers execute SQL commands that lock tables or degrade database performance. The vulnerability's remote exploitability without authentication increases the risk of widespread attacks, especially in organizations with internet-facing instances of the application. Public sector entities and large enterprises with extensive HR data are particularly at risk. The absence of known exploits in the wild currently reduces immediate threat but the public availability of exploit code may lead to rapid exploitation attempts. Overall, the vulnerability poses a moderate risk that could escalate if left unaddressed.

Organizations should immediately audit their deployments of CodeAstro Online Leave Application version 1.0 and restrict or disable internet-facing access to the /signup.php endpoint until patched. Implement strict input validation and sanitization for all parameters, especially 'city', using allowlists and rejecting unexpected input formats. Employ parameterized queries or prepared statements to prevent SQL injection. Review and minimize database user privileges to limit the impact of any successful injection. Monitor logs for suspicious SQL errors or unusual query patterns indicative of injection attempts. If a patch is released, apply it promptly. Consider deploying Web Application Firewalls (WAFs) with SQL injection detection rules as a compensating control. Conduct security awareness training for developers and administrators on secure coding practices. Finally, perform regular vulnerability scans and penetration tests focusing on input validation weaknesses in the application.