CVE-2026-11584
MediumCVSS 6.3Summary
A vulnerability was found in CodeAstro Student Attendance Management System 1.0, affecting an unknown function of the file /attendance-php/Admin/createClass.php?action=edit. Manipulation of the argument ID results in SQL injection.
Risk Assessment
An attacker can remotely exploit this vulnerability, posing a serious threat to the integrity of the database and the confidentiality of user data.
Recommendation
It is recommended to update the system to the latest version and implement input data filtering to prevent SQL injection.
Original NVD description (English source)
A vulnerability was found in CodeAstro Student Attendance Management System 1.0. This impacts an unknown function of the file /attendance-php/Admin/createClass.php?action=edit. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used.

