CVE-2025-26198

Name of the Vulnerable Software and Affected Versions CloudClassroom-PHP-Project version 1.0

Description The issue allows unauthenticated attackers to bypass authentication and gain administrative access due to SQL Injection in the loginlinkadmin.php file. The application fails to properly sanitize user inputs before constructing SQL queries, enabling an attacker to manipulate database queries via specially crafted payloads.

Recommendations For CloudClassroom-PHP-Project version 1.0, consider implementing proper input sanitization to prevent SQL Injection attacks. As a temporary workaround, restrict access to the loginlinkadmin.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.