CVE-2026-11531 | imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46 Administrator Login Endpoint admin/admin_login.php a_usr/a_pwd sql injection

A vulnerability identified as critical has been detected in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. This impacts an unknown function of the file admin/admin_login.php of the component Administrator Login Endpoint. Performing a manipulation of the argument a_usr/a_pwd results in sql injection.

This vulnerability is reported as CVE-2026-11531. The attack is possible to be carried out remotely. Moreover, an exploit is present.

This product adopts a rolling release strategy to maintain continuous delivery. Therefore, version details for affected or updated releases cannot be specified.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-11531 | imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46 Administrator Login Endpoint admin/admin_login.php a_usr/a_pwd sql injection

Post correlati

CVE-2024-39143 | ResidenceCMS 2.10.1 cross site scripting

CVE-2019-25707 | eBrigade ERP 4.5 pdf.php ID sql injection (Exploit 46117 / EDB-46117)

CVE-2024-47918 | TikiWiki up to 27 os command injection

CVE-2024-13041 | GitLab Community Edition/Enterprise Edition up to 17.5.4/17.6.2/17.7.0 incorrect user management