Unknown · Cyber-Iii Student-Management-System · CVE-2026-5642
Name of the Vulnerable Software and Affected Versions
Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f
Description
A flaw exists in Cyber-III Student-Management-System that allows for improper authorization. The issue is related to the manipulation of the `Name` argument within the HTTP POST Request Handler, specifically affecting an unknown function in the `/viva/update.php` file. This manipulation can be initiated remotely. The exploit has been publicly disclosed.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.