A vulnerability, which was classified as critical, has been found in CodeAstro Student Attendance Management System 1.0. Affected is an unknown function of the file /attendance-php/Admin/createClassArms.php. This manipulation of the argument classId causes sql injection.
This vulnerability is handled as CVE-2026-11585. The attack can be initiated remotely. Additionally, an exploit exists.
