CVE-2026-10225

Name of the Vulnerable Software and Affected Versions raisulislamg4 student management system by php versions prior to 310d950e09013d5133c6b9210aff9444382d16d1

Description An issue exists in the Login component within the 'login check.php' file. A remote attacker can perform SQL injection, which is a technique used to manipulate a database by inserting malicious SQL code into a query, by manipulating the Username argument.

Recommendations Update to a version later than 310d950e09013d5133c6b9210aff9444382d16d1. As a temporary workaround, restrict access to the 'login check.php' file or sanitize the Username input to minimize the risk of exploitation.