PT-2026-43164 · Unknown · Codeigniter-Studentmanagementsystem
Bingzhe
·
Published
2026-05-26
·
Updated
2026-05-26
·
CVE-2026-9518
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
hemant6488 CodeIgniter-StudentManagementSystem (affected versions not specified)
Description
Cross site scripting can be triggered remotely in the Students Controller component. The issue exists within the
addStudent() function located in the view students.php file, where improper manipulation of the Name argument allows for the execution of malicious scripts.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
As a temporary workaround, restrict access to the
addStudent() function in the view students.php file to minimize the risk of exploitation.Exploit
XSS
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Codeigniter-Studentmanagementsystem