CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE-2026-7741

A vulnerability was detected in CodeAstro Online Classroom 1.0. Impacted is an unknown function of the file /OnlineClassroom/studentlogin. Performing a manipulation of the argument sid results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be us...

6.5CVSS6.4AI score0.00201EPSS

CVE-2026-7196

A security vulnerability has been detected in CodeAstro Online Classroom 1.0. Affected is an unknown function of the file /guestdetails. Such manipulation of the argument deleteid leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be...

CVE-2026-7745

A vulnerability was determined in CodeAstro Online Classroom 1.0. This impacts an unknown function of the file /OnlineClassroom/facultydetails. This manipulation of the argument deleteid causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed...

6.5CVSS6.5AI score0.00241EPSS

CVE-2026-7742

A flaw has been found in CodeAstro Online Classroom 1.0. The affected element is an unknown function of the file /OnlineClassroom/facultylogin. Executing a manipulation of the argument fid can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be us...

RedhatCVE•added 2026/06/05 7:50 p.m.•8 views

CVE-2026-7148

A flaw has been found in CodeAstro Online Classroom 1.0. This affects an unknown part of the file /addnewfaculty. Executing a manipulation of the argument fname can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used...

6.5CVSS6.5AI score0.00241EPSS

RedhatCVE•added 2026/06/05 7:47 p.m.•5 views

CVE-2026-6033

A vulnerability was determined in CodeAstro Online Classroom 1.0. Affected is an unknown function of the file /updatedetailsfromstudent.php?eno=146891650. Executing a manipulation of the argument fname can lead to sql injection. The attack may be performed from remote. The exploit has been public...

6.5CVSS6.4AI score0.00205EPSS

EUVD•added 2026/05/07 9:30 p.m.•7 views

EUVD-2026-28443

A security flaw has been discovered in CodeAstro Online Classroom 1.0. This vulnerability affects unknown code of the file /askquery.php. The manipulation of the argument squeryx results in sql injection. The attack may be performed from remote. The exploit has been released to the public and may...

NVD•added 2026/05/07 9:16 p.m.•10 views

Exploits0References6

CVE-2026-8097

CVE•added 2026/05/07 8:15 p.m.•19 views

CVE-2026-8097

CVE-2026-8097 affects CodeAstro Online Classroom 1.0. The vulnerability is in unknown code of /askquery.php, where manipulating the squeryx argument enables SQL injection. Exploitation can be performed remotely, and public exploits exist. CVSS-derived metrics in the provided data indicate a MEDIU...

Cvelist•added 2026/05/07 8:15 p.m.•45 views

CVE-2026-8097 CodeAstro Online Classroom askquery.php sql injection

ATTACKERKB•added 2026/05/07 8:15 p.m.•6 views

CVE-2026-8097

Exploits0References5Affected Software1

CNNVD•added 2026/05/07 12:0 a.m.•6 views

CodeAstro Online Classroom 注入漏洞

CodeAstro Online Classroom is an online classroom platform provided by CodeAstro Inc. Version 1.0 of CodeAstro Online Classroom has a injection vulnerability; this vulnerability stems from the operation of the parameter squeryx in the file/askquery.php, which may lead to SQL injection attacks...

6.5CVSS6.7AI score0.00192EPSS

Positive Technologies•added 2026/05/07 12:0 a.m.•8 views

PT-2026-38573

Name of the Vulnerable Software and Affected Versions CodeAstro Online Classroom version 1.0 Description A remote SQL injection flaw exists in the '/askquery.php' endpoint. The issue occurs due to the improper manipulation of the squeryx argument, which allows an attacker to execute arbitrary SQL...

6.5CVSS6.8AI score0.00192EPSS

Exploits0References7

RedhatCVE•added 2026/05/05 8:21 p.m.•6 views

CVE-2026-7744

A vulnerability was found in CodeAstro Online Classroom 1.0. This affects an unknown function of the file /OnlineClassroom/addnewstudent. The manipulation of the argument fname results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used...

6.5CVSS6.3AI score0.00192EPSS

NVD•added 2026/05/04 9:16 a.m.•6 views

CVE-2026-7745

NVD•added 2026/05/04 8:16 a.m.•9 views

CVE-2026-7744

NVD•added 2026/05/04 8:16 a.m.•31 views

CVE-2026-7743

A vulnerability has been found in CodeAstro Online Classroom 1.0. The impacted element is an unknown function of the file /OnlineClassroom/studentdetails. The manipulation of the argument deleteid leads to sql injection. The attack is possible to be carried out remotely. The exploit has been...

6.5CVSS0.00241EPSS

NVD•added 2026/05/04 8:16 a.m.•49 views

CVE-2026-7742

6.5CVSS0.00241EPSS

NVD•added 2026/05/04 8:16 a.m.•33 views

CVE-2026-7741

CVE•added 2026/05/04 7:45 a.m.•12 views

CVE-2026-7745

CodeAstro Online Classroom 1.0 is affected by a SQL injection in the function handling /OnlineClassroom/facultydetails, via manipulation of the deleteid parameter. The vulnerability can be exploited remotely and exploitation is described as a proof-of-concept in the sources. CVSS metrics are prov...