QSearchQSearch

CVE-2026-11533

5.4 MEDIUM

A security vulnerability has been detected in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46

Published: 2026-06-08 · Last updated: 2026-06-09

Severity and scoring

CVSS
5.4 MEDIUM
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
CWE
CWE-266, CWE-285

Description

A security vulnerability has been detected in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this vulnerability is an unknown functionality of the file /see.php of the component Student Deletion Endpoint. The manipulation of the argument del leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The project was informed of the problem early through an issue report but has not responded yet.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-47342 A privilege escalation vulnerability in Apache OFBiz allows a low-privileged authenticated user to obtain higher privileges This issue...
  • CVE-2026-46668 SpiceDB is an open source database system for creating and managing security-critical application permissions
  • CVE-2026-47298 Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network (8.0 HIGH)
  • CVE-2026-45503 Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network (8.1 HIGH)
  • CVE-2026-45490 Improper authorization in .NET allows an authorized attacker to elevate privileges locally (7.8 HIGH)