PT-2026-6987 · Code Projects · Online Student Management System

Baguette168

Publicado

2026-02-08

Atualizado

2026-02-10

CVE-2026-2156

CVSS v3.1

4.8

Média

Vetor

AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions code-projects Online Student Management System version 1.0

Description A flaw exists in the Announcement Management Module of code-projects Online Student Management System. This issue allows for cross site scripting through an unknown function within the file /admin/announcement/index.php?view=add. The attack can be carried out remotely, and an exploit has been publicly released.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79CWE-94

Identificadores relacionados

CVE-2026-2156

Produtos afetados

Online Student Management System

PT-2026-6987 · Code Projects · Online Student Management System

CVE-2026-2156

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 11