PT-2026-6731 · Mathurvishal · Cloudclassroom-Php Project
Bl4Dsc4N
·
Publicado
2026-02-06
·
Atualizado
2026-02-06
·
CVE-2026-2058
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
mathurvishal CloudClassroom-PHP-Project versions prior to 5dadec098bfbbf3300d60c3494db3fb95b66e7be
Description
A flaw exists in the Post Query Details Page component of mathurvishal CloudClassroom-PHP-Project. The issue involves a SQL injection vulnerability in the
/postquerypublic.php file. Manipulation of the gnamex argument within an unknown function causes the SQL injection. The attack can be carried out remotely. The exploit has been published.Recommendations
Update to a version prior to 5dadec098bfbbf3300d60c3494db3fb95b66e7be.
Exploit
Correção
SQL injection
Special Elements Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Cloudclassroom-Php Project