CVE-2026-5578

MEDIUM CVSS 6.3 View on NVD ↗

Description

A vulnerability was found in CodeAstro Online Classroom 1.0. This vulnerability affects unknown code of the file /OnlineClassroom/addassessment.php of the component Parameter Handler. Performing a manipulation of the argument deleteid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

References

https://codeastro.com/
https://github.com/zgr0508/cve/issues/1
https://vuldb.com/submit/783751
https://vuldb.com/vuln/355348
https://vuldb.com/vuln/355348/cti

Published: Apr 05, 2026 16:16 UTC Modified: Apr 05, 2026 16:16 UTC