A vulnerability categorized as critical has been discovered in SourceCodester Online Employees Work from Home Attendance System 1.0 . This vulnerability affects unknown code of the file /wfh_attendance/admin/view_employee.php . Executing a manipulation can lead to sql injection. This vulnerability is handled as CVE-2026-37594 . The attack can be executed remotely. There is not any exploit available.