CVE-2026-5578 | CodeAstro Online Classroom 1.0 Parameter addassessment.php deleteid sql injection

Inserito da Angelo Barbosa | Apr 4, 2026 | CVE

A vulnerability classified as critical has been found in CodeAstro Online Classroom 1.0. This vulnerability affects unknown code of the file /OnlineClassroom/addassessment.php of the component Parameter Handler. Performing a manipulation of the argument deleteid results in sql injection.

This vulnerability is reported as CVE-2026-5578. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2026-5578 | CodeAstro Online Classroom 1.0 Parameter addassessment.php deleteid sql injection

Post correlati

CVE-2024-28672 | DedeCMS 5.7 /dede/media_edit.php cross-site request forgery

CVE-2023-33851 | IBM PowerVM Hypervisor up to FW950.90/FW1020.40/FW1030.30 information disclosure (XFDB-257135)

CVE-2025-24416 | Adobe Commerce cross site scripting (apsb25-08)

CVE-2023-52266 | ehttp up to 1.0.5 epoll_socket.cpp read_func use after free (Issue 38)