CVE-2026-11584

Publié : 8 juin 2026

Modifié : 8 juin 2026

Score CVSS

6.3

MEDIUM

Description détaillée

A vulnerability was found in CodeAstro Student Attendance Management System 1.0. This impacts an unknown function of the file /attendance-php/Admin/createClass.php?action=edit. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used.

Vecteur d'attaque (CVSS)

Vecteur brut :CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Références et Patchs

https://codeastro.com/https://github.com/Andelstander/cve/issues/9 https://vuldb.com/cve/CVE-2026-11584 https://vuldb.com/submit/836799 https://vuldb.com/vuln/369181 https://vuldb.com/vuln/369181/cti

Dernières Vulnérabilités

CVE-2026-11701

Inappropriate implementation in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

VOIR DÉTAILS

CVE-2026-11700

Use after free in Tracing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

VOIR DÉTAILS

CVE-2026-11699

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

VOIR DÉTAILS