PT-2026-43083 · Yashpokharna2555 · Student Management System
Frljiang123
·
Published
2026-05-25
·
Updated
2026-05-25
·
CVE-2026-9469
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
yashpokharna2555 StudentManagementSystem (affected versions not specified)
Description
A weakness in the
/success.php file allows for remote SQL injection, which is a technique where malicious SQL statements are inserted into entry fields for execution. The issue is triggered by the manipulation of the User argument.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
As a temporary workaround, restrict access to the
/success.php file or avoid using the User parameter until the issue is resolved.Exploit
SQL injection
Special Elements Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Student Management System