CVE-2026-11532
MEDIUMimvks786 student_management_system Student Record add.php access control
Title source: cnaDescription
A weakness has been identified in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected is an unknown function of the file /add.php of the component Student Record Handler. Executing a manipulation can lead to improper access controls. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The project was informed of the problem early through an issue report but has not responded yet.
References (6)
Core 6
Core References
Vdb Entry vdb-entry
VDB-369149 | imvks786 student_management_system Student Record add.php access control
https://vuldb.com/vuln/369149
Signature, Permissions Required signature
permissions-required
VDB-369149 | CTI Indicators (IOB, IOC, TTP, IOA)
https://vuldb.com/vuln/369149/cti
Third Party Advisory third-party-advisory
CVE-2026-11532 | CVE Analysis and Report
https://vuldb.com/cve/CVE-2026-11532
Third Party Advisory third-party-advisory
Submit #836634 | imvks786 student_management_system 1.0 Insufficient Authorization
https://vuldb.com/submit/836634
Exploit exploit
issue-tracking
https://github.com/imvks786/student_management_system/issues/3
Product product
https://github.com/imvks786/student_management_system/
Scores
CVSS v3
6.3
EPSS
0.0027
EPSS Percentile
18.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-266
CWE-284
Status
published
Products (1)
imvks786/student_management_system
9599b560ad3c3b83e75d328b76bedcd489ef1f46
Published
Jun 08, 2026
Tracked Since
Jun 08, 2026