PT-2026-22603 · Code Projects · Simple Student Alumni System

Thirtypenny77

Publicado

2026-03-02

Atualizado

2026-03-07

CVE-2026-26695

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions code-projects Simple Student Alumni System version 1.0

Description The Simple Student Alumni System is susceptible to SQL Injection in the /TracerStudy/recordstudent edit.php file. The vulnerability exists due to insufficient input validation, potentially allowing an attacker to manipulate database queries. The vulnerable parameter is not specified.

Recommendations Apply input validation and sanitization to all user-supplied data used in database queries within the /TracerStudy/recordstudent edit.php file.

Exploit

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2026-26695

Produtos afetados

Simple Student Alumni System

PT-2026-22603 · Code Projects · Simple Student Alumni System

CVE-2026-26695

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7