CVE-2026-11583
MediumCVSS 6.3Summary
A vulnerability has been found in CodeAstro Student Attendance Management System 1.0 affecting an unknown function of the file /attendance-php/Admin/createClass.php. Manipulation of the argument className leads to SQL injection.
Risk Assessment
An attacker can remotely exploit this vulnerability, posing a serious threat to the security of data within the system.
Recommendation
It is recommended to update the system to the latest version and implement input data filtering to prevent SQL injection.
Original NVD description (English source)
A vulnerability has been found in CodeAstro Student Attendance Management System 1.0. This affects an unknown function of the file /attendance-php/Admin/createClass.php. The manipulation of the argument className leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

