PT-2026-22603 · Code Projects · Simple Student Alumni System
Thirtypenny77
·
Published
2026-03-02
·
Updated
2026-03-07
·
CVE-2026-26695
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
code-projects Simple Student Alumni System version 1.0
Description
The Simple Student Alumni System is susceptible to SQL Injection in the
/TracerStudy/recordstudent edit.php file. The vulnerability exists due to insufficient input validation, potentially allowing an attacker to manipulate database queries. The vulnerable parameter is not specified.Recommendations
Apply input validation and sanitization to all user-supplied data used in database queries within the
/TracerStudy/recordstudent edit.php file.Exploit
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Simple Student Alumni System