
StudentManagementSystem EUVD-2026-31700 | CVE-2026-9470 (MEDIUM)
SQL Injection (CWE-89)
2026-05-25 · VulDB · GHSA-f85v-rrcm-xq6m
CVSS 4.0 (NVD): 5.5

Severity by source

NVD (primary): 5.5 MEDIUM

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: X

Lifecycle Timeline

Analysis Generated · Jun 08, 2026 - 11:45 · vuln.today
Severity Changed · May 26, 2026 - 20:07 · NVD · HIGH → MEDIUM
CVSS changed · May 26, 2026 - 20:07 · NVD · 7.3 (HIGH) → 5.5 (MEDIUM)

Description (CVE.org)

A security vulnerability has been detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. It affects the function confirm_logged_in of the file student_trans.php. Manipulation of the argument FIRST_NAME/Last_Name/EMAIL leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. This product follows a rolling-release model to provide continuous delivery, so version details for affected and updated releases are not available. The project was informed of the problem early through an issue report but has not responded yet.

Analysis (AI-generated)

SQL injection in yashpokharna2555's StudentManagementSystem (commit cb2f558) exposes the confirm_logged_in function in student_trans.php to unauthenticated remote attackers who can manipulate FIRST_NAME, Last_Name, and EMAIL parameters to execute arbitrary SQL against the backend database. A public exploit has been disclosed via GitHub issue #3, confirming exploitability requires minimal skill; however, EPSS at 0.03% (9th percentile) indicates very low observed real-world exploitation activity, likely reflecting the narrow deployment footprint of this niche open-source PHP project rather than any technical barrier. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Identify internet-exposed StudentManagementSystem instance
Delivery: Send HTTP request to student_trans.php
Exploit: Inject SQL payload in FIRST_NAME/Last_Name/EMAIL parameter
Execution: Bypass unsanitized query in confirm_logged_in
Persist: Execute attacker-controlled SQL against database
Impact: Extract or manipulate student records

Vulnerability Assessment (AI-generated)

Exploitation: The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) confirms no special conditions - remote unauthenticated exploitation is possible against any network-exposed instance of StudentManagementSystem without requiring any account, session, or privilege. … Additional conditions and limiting factors are described in the full assessment.

Risk Assessment: The CVSS 4.0 score of 5.5 (Medium) is driven by a network attack vector (AV:N), low complexity (AC:L), no required privileges (PR:N), and no user interaction (UI:N), placing this squarely in the unauthenticated remote exploitation category. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.

Exploit Scenario: An unauthenticated attacker identifies an internet-exposed instance of StudentManagementSystem and sends an HTTP request to student_trans.php with a crafted value in the FIRST_NAME, Last_Name, or EMAIL parameter - for example, a classic UNION-based or error-based SQL injection payload. Because a public proof-of-concept is available via GitHub issue #3, the attacker can adapt an existing technique with minimal effort, requiring no prior knowledge of the database schema. …

Remediation: No vendor-released patch identified at time of analysis - the project maintainer was notified via a GitHub issue report (https://github.com/yashpokharna2555/StudentManagementSystem/issues/3) but has not yet responded. … Detailed patch versions, workarounds, and compensating controls in full report.
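One compensating control while no patch exists, added here as an example (not part of the vuln.today report or the project's code): a small Python hunt over web-server access-log lines that flags requests to student_trans.php whose FIRST_NAME, Last_Name or EMAIL parameters carry SQL-injection indicators, including double-URL-encoded ones. It assumes Combined Log Format lines and that the parameters arrive in the GET query string; the sample lines are constructed.

```python
# Added example: hunt for CVE-2026-9470 probes against student_trans.php in
# constructed Combined-Log-Format lines (GET query strings only; POST bodies
# are not in a default access log, so run the same check in the app or WAF).
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Parameters named in the CVE description; compared case-insensitively.
SUSPECT_PARAMS = {"first_name", "last_name", "email"}
# Cheap indicators for the UNION-/error-based payloads the advisory mentions.
# Expect some false positives on legitimate names with apostrophes (O'Brien).
INDICATORS = re.compile(
    r"'|--|/\*|;|\bunion\b|\bselect\b|\bor\b\s+\d+\s*=\s*\d+|\bsleep\(|\bbenchmark\(",
    re.IGNORECASE)
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3})')

def inspect_request(line):
    """Return (ip, param, decoded_value) for a suspicious request, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("path"))
    if parts.path.rsplit("/", 1)[-1] != "student_trans.php":
        return None
    # parse_qs decodes once; unquote_plus again also catches double-encoding.
    for name, values in parse_qs(parts.query, keep_blank_values=True).items():
        if name.lower() not in SUSPECT_PARAMS:
            continue
        for value in values:
            decoded = unquote_plus(value)
            if INDICATORS.search(decoded):
                return (m.group("ip"), name, decoded)
    return None

def scan(lines):
    """All suspicious requests, in log order."""
    return [hit for hit in map(inspect_request, lines) if hit]

# Constructed sample lines (RFC 5737 documentation addresses, made-up times).
SAMPLE_LOG = [
    '203.0.113.7 - - [26/May/2026:20:07:01 +0000] "GET /student_trans.php?FIRST_NAME=Ana&Last_Name=Silva&EMAIL=ana%40example.edu HTTP/1.1" 200 512',
    '203.0.113.9 - - [26/May/2026:20:07:05 +0000] "GET /student_trans.php?FIRST_NAME=%27+UNION+SELECT+1,2,3--+&Last_Name=x&EMAIL=x HTTP/1.1" 200 2048',
    '198.51.100.4 - - [26/May/2026:20:07:09 +0000] "GET /index.php?EMAIL=%27+OR+1%3D1-- HTTP/1.1" 200 300',
    '203.0.113.9 - - [26/May/2026:20:07:12 +0000] "GET /student_trans.php?EMAIL=a%2527%2520OR%25201%253D1--&FIRST_NAME=x HTTP/1.1" 500 120',
]
if __name__ == "__main__":
    for ip, param, value in scan(SAMPLE_LOG):
        print(f"{ip} probed {param}: {value!r}")
```

Feed it real log lines (for example via `sys.stdin`) and pivot on the source IP and time window; a 500 response paired with a hit is a useful signal for error-based probing.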

EUVD-2026-31700 vulnerability details – vuln.today