CVE-2026-11585
Description
SQL injection vulnerability in CodeAstro Student Attendance Management System 1.0 allows remote attackers to access and manipulate the database.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
A SQL injection vulnerability exists in the /attendance-php/Admin/createClassArms.php file of the CodeAstro Student Attendance Management System version 1.0. The vulnerability arises from the direct use of the classId parameter in SQL queries without proper sanitization or validation, allowing for manipulation of database operations [1].
Exploitation
An attacker can exploit this vulnerability remotely by sending a crafted POST request to the /attendance-php/Admin/createClassArms.php endpoint. The attacker needs to manipulate the classId parameter with malicious SQL code. A time-based blind SQL injection payload targeting MySQL is available, demonstrating the exploitability [1].
Impact
Successful exploitation of this SQL injection vulnerability allows an attacker to gain unauthorized access to the database. This can lead to sensitive data leakage, data tampering, modification or deletion of data, and potentially comprehensive system control or service interruption, posing a significant threat to data integrity and system security [1].
Mitigation
No specific patched version or release date for a fix has been disclosed in the available references. Users are advised to consult vendor advisories for updates. The vendor's website is available for general information [2].
AI Insight generated on Jun 8, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: = 1.0
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"A SQL injection vulnerability was found in the '/attendance-php/Admin/createClassArms.php' file due to insufficient validation of the 'classId' parameter, allowing attackers to inject malicious SQL queries [ref_id=1]."
Attack vector
The vulnerability is in the '/attendance-php/Admin/createClassArms.php' file and can be exploited remotely by an attacker with low privileges. The attacker can manipulate the 'classId' parameter in POST requests to inject malicious SQL code. For example, a payload like 'classId=25' AND (SELECT 7149 FROM (SELECT(SLEEP(5)))AROy) AND 'yfJQ'='yfJQ' can be used to cause a time-based blind SQL injection [ref_id=1].
Affected code
The vulnerability resides in the '/attendance-php/Admin/createClassArms.php' file of the Student Attendance Management System version 1.0. Specifically, the 'classId' parameter is directly used in SQL queries without proper sanitization [ref_id=1].
What the fix does
The advisory suggests using prepared statements and parameter binding to prevent SQL injection, as this separates SQL code from user input data, treating user input as data rather than executable code. Additionally, strict input validation and filtering are recommended to ensure data conforms to expected formats. Minimizing database user permissions and conducting regular security audits are also advised [ref_id=1].
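The following is an added illustration of the mitigation the advisory recommends (strict input validation plus a prepared statement with bound parameters) for the classId parameter; it is not code from the CodeAstro project, and the table and column names are assumptions.

```php
<?php
// Added example, not the project's code. Table/column names
// (class_arms, class_id, name) are assumed for illustration.
declare(strict_types=1);

/**
 * Accept only a canonical non-negative integer string such as "25".
 * Anything carrying quotes, spaces or SQL keywords fails this check
 * before it reaches the database, so the injection surface is gone.
 */
function validateClassId(string $raw): ?int
{
    $raw = trim($raw);
    if ($raw === '' || !ctype_digit($raw) || strlen($raw) > 9) {
        return null;
    }
    return (int) $raw;
}

/** Letters, digits, spaces and a few separators; bounded length. */
function validateArmName(string $raw): ?string
{
    $raw = trim($raw);
    return preg_match('/^[A-Za-z0-9 _-]{1,64}$/', $raw) === 1 ? $raw : null;
}

/**
 * Replaces direct interpolation of $_POST['classId'] into the query
 * string with parameter binding: the SQL text is fixed and the values
 * travel separately, so user input is only ever treated as data.
 */
function createClassArm(mysqli $db, array $post): bool
{
    $classId = validateClassId((string) ($post['classId'] ?? ''));
    $armName = validateArmName((string) ($post['classArmName'] ?? ''));
    if ($classId === null || $armName === null) {
        http_response_code(400); // reject rather than "clean up" bad input
        return false;
    }

    $stmt = $db->prepare('INSERT INTO class_arms (class_id, name) VALUES (?, ?)');
    if ($stmt === false) {
        return false;
    }
    $stmt->bind_param('is', $classId, $armName); // i = int, s = string
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}
```

Pair this with the advisory's least-privilege advice: the database account the application connects with should hold only the INSERT/SELECT rights this page needs, not DROP or FILE privileges.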
Preconditions
- auth: Attacker has low privileges.
- network: The vulnerability is remotely exploitable.
- input: Attacker must be able to control the 'classId' parameter.
Reproduction
POST /attendance-php/Admin/createClassArms.php HTTP/1.1
Host: 192.168.60.130
Content-Length: 34
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Origin: http://192.168.60.130
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Referer: http://192.168.60.130/attendance-php/Admin/createClassArms.php
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8
Cookie: PHPSESSID=5bcefbh9vlfgr4m3i8d35lflp3
Connection: keep-alive
classId=25&classArmName=1111&save=
Generated on Jun 8, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
News mentions
No linked articles in our index yet.