CVE Catalog

CVE-2026-11583

MediumCVSS 6.3
Published: Updated: Translated: NVD NIST

Summary

A vulnerability has been found in CodeAstro Student Attendance Management System 1.0 affecting an unknown function of the file /attendance-php/Admin/createClass.php. Manipulation of the argument className leads to SQL injection.

Risk Assessment

An attacker can remotely exploit this vulnerability, posing a serious threat to the security of data within the system.

Recommendation

It is recommended to update the system to the latest version and implement input data filtering to prevent SQL injection.

Original NVD description (English source)

A vulnerability has been found in CodeAstro Student Attendance Management System 1.0. This affects an unknown function of the file /attendance-php/Admin/createClass.php. The manipulation of the argument className leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS