CVE-2026-11534 | imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46 /add.php name/address/fname cross site scripting

A vulnerability described as problematic has been identified in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this issue is some unknown functionality of the file /add.php. The manipulation of the argument name/address/fname results in cross site scripting.

This vulnerability is known as CVE-2026-11534. It is possible to launch the attack remotely. Furthermore, an exploit is available.

This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-11534 | imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46 /add.php name/address/fname cross site scripting

Post correlati

CVE-2026-8260 | D-Link DCS-935L up to 1.10.01 HNAP Service hnap_service SetDeviceSettings AdminPassword buffer overflow

CVE-2026-34863 | Huawei HarmonyOS 5.1.0/6.0.0 File System out-of-bounds write

CVE-2024-55995 | Torod Holding Torod Plugin up to 1.7 on WordPress authorization

CVE-2023-49949 | Passwork up to 6.1.x 2FA improper authentication