CVE-2026-5579 | CodeAstro Online Classroom 1.0 Parameter updatedetailsfromfaculty.php?myfid=108 fname sql injection

Inserito da Angelo Barbosa | Apr 4, 2026 | CVE

A vulnerability classified as critical was found in CodeAstro Online Classroom 1.0. This issue affects some unknown processing of the file /OnlineClassroom/updatedetailsfromfaculty.php?myfid=108 of the component Parameter Handler. Executing a manipulation of the argument fname can lead to sql injection.

This vulnerability appears as CVE-2026-5579. The attack may be performed from remote. In addition, an exploit is available.

CVE-2026-5579 | CodeAstro Online Classroom 1.0 Parameter updatedetailsfromfaculty.php?myfid=108 fname sql injection

Post correlati

CVE-2021-47152 | Linux Kernel up to 5.10.41/5.12.8 MPTCP Protocol mptcp_frag_can_collapse_to allocation of resources (3267a061096e/18e7f0580da1/29249eac5225)

CVE-2025-5964 | M-Files Server up to 25.3.14549 API Endpoint path traversal (EUVD-2025-18348)

CVE-2025-12491 | Senstar Symphony 7.3.2.2 FetchStoredLicense information disclosure (ZDI-25-1060)

CVE-2025-39979 | Linux Kernel up to 6.16.9 mlx5_cmd_hws_delete_fte initialization