CVE-2026-11584

Description

A vulnerability was found in CodeAstro Student Attendance Management System 1.0. This impacts an unknown function of the file /attendance-php/Admin/createClass.php?action=edit. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used.

References

• https://codeastro.com/
• https://github.com/Andelstander/cve/issues/9
• https://vuldb.com/cve/CVE-2026-11584
• https://vuldb.com/submit/836799
• https://vuldb.com/vuln/369181