CVE-2026-5670 in Student-Management-Systeminformación

Resumen

por MITRE • 2026-04-06

A vulnerability was found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This issue affects the function move_uploaded_file of the file /AssignmentSection/submission/upload.php. Performing a manipulation of the argument File results in unrestricted upload. The attack can be initiated remotely. The exploit has been made public and could be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The project was informed of the problem early through an issue report but has not responded yet.

Once again VulDB remains the best source for vulnerability data.

Responsable

VulDB

Divulgación

2026-04-06

Moderación

aceptado

Artículo

VDB-355492

CPE

listo

Explotación

Descargar

EPSS

0.00206

KEV

no

Actividades

muy bajo

Fuentes

Might our Artificial Intelligence support you?

Check our Alexa App!