CVE-2026-7744

MEDIUM NVD

CVSS Score 6.3

Severity MEDIUM

Published May 04, 2026

Vendor unknown

Description

A vulnerability was found in CodeAstro Online Classroom 1.0. This affects an unknown function of the file /OnlineClassroom/addnewstudent. The manipulation of the argument fname results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used.

References

https://codeastro.com/
https://github.com/yuji0903/silver-guide/issues/21
https://vuldb.com/submit/807696
https://vuldb.com/vuln/360919
https://vuldb.com/vuln/360919/cti