CVE-2026-5669

CVSS v2.0

7.5

High

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Cyber-III Student-Management-System versions up to 1a938fa61e9f735078e9b291d2e6215b4942af3f

Description A SQL injection issue exists in the Parameter Handler component of Cyber-III Student-Management-System. The vulnerability is located in the /login.php file. Manipulation of the Password parameter can lead to SQL injection. The attack can be launched remotely. The exploit has been publicly disclosed.

Recommendations Update to a version beyond 1a938fa61e9f735078e9b291d2e6215b4942af3f.

Exploit

Fix

Special Elements Injection

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74CWE-89

Related Identifiers

CVE-2026-5669

Affected Products

Cyber-Iii Student-Management-System

CVE-2026-5669

Weakness Enumeration

Related Identifiers

Affected Products

References · 7