PT-2026-43164 · Unknown · Codeigniter-Studentmanagementsystem

Bingzhe

·

Published

2026-05-26

·

Updated

2026-05-26

·

CVE-2026-9518

CVSS v2.0

5.0

Medium

VectorAV:N/AC:L/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions hemant6488 CodeIgniter-StudentManagementSystem (affected versions not specified)
Description Cross site scripting can be triggered remotely in the Students Controller component. The issue exists within the addStudent() function located in the view students.php file, where improper manipulation of the Name argument allows for the execution of malicious scripts.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the addStudent() function in the view students.php file to minimize the risk of exploitation.

Exploit

XSS

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-9518

Affected Products

Codeigniter-Studentmanagementsystem