← voltar
CVE-2026-11583

CodeAstro Student Attendance Management System createClass.php sql injection

CVSS 5.3 MEDIUMEPSS 0.2%CWE-74CWE-89
A vulnerability has been found in CodeAstro Student Attendance Management System 1.0. This affects an unknown function of the file /attendance-php/Admin/createClass.php. The manipulation of the argument className leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Produtos afetados
CodeAstro · Student Attendance Management System
PoCs públicas encontradas1
cve_referencegithub.com/Andelstander/cve/issues/8não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://codeastro.com/https://github.com/Andelstander/cve/issues/8https://vuldb.com/cve/CVE-2026-11583https://vuldb.com/submit/836798https://vuldb.com/vuln/369180https://vuldb.com/vuln/369180/cti