CVE-2026-11530
HIGHimvks786 student_management_system Login index.ph sql injection
Title source: cnaDescription
A vulnerability was identified in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. This affects an unknown function of the file /index.ph of the component Login. Such manipulation of the argument usr/pwd leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The project was informed of the problem early through an issue report but has not responded yet.
References (6)
Core 6
Core References
Vdb Entry, Technical Description vdb-entry
technical-description
VDB-369147 | imvks786 student_management_system Login index.ph sql injection
https://vuldb.com/vuln/369147
Signature, Permissions Required signature
permissions-required
VDB-369147 | CTI Indicators (IOB, IOC, TTP, IOA)
https://vuldb.com/vuln/369147/cti
Third Party Advisory third-party-advisory
CVE-2026-11530 | CVE Analysis and Report
https://vuldb.com/cve/CVE-2026-11530
Third Party Advisory third-party-advisory
Submit #836629 | imvks786 student_management_system 1.0 SQL Injection
https://vuldb.com/submit/836629
Exploit exploit
issue-tracking
https://github.com/imvks786/student_management_system/issues/1
Product product
https://github.com/imvks786/student_management_system/
Scores
CVSS v3
7.3
EPSS
0.0033
EPSS Percentile
24.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-74
CWE-89
Status
published
Products (1)
imvks786/student_management_system
9599b560ad3c3b83e75d328b76bedcd489ef1f46
Published
Jun 08, 2026
Tracked Since
Jun 08, 2026