EUVD-2026-19400

A vulnerability was determined in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. Impacted is an unknown function of the file /admin/class%20schedule/deletebatch.php of the component Class Schedule Deletion Endpoint. Executing a manipulation of the argument bat...

EUVD-2026-19365

A flaw has been found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This affects an unknown part of the file /admin/Add%20notice/add%20notice.php. This manipulation of the argument $SERVER'PHPSELF' causes cross site scripting. It is possible to initiate th...

CVE-2026-5671

CVE-2026-5671 affects Cyber-III Student-Management-System (up to 1a938fa61e9f735078e9b291d2e6215b4942af3f). The vulnerability is in the Class Schedule Deletion Endpoint, specifically the file /admin/class%20schedule/delete_batch.php, where manipulating the argument batch enables cross-site script...

CVE-2026-5669

CVE-2026-5669 affects Cyber-III Student-Management-System. The vulnerability lies in the /login.php file within the Parameter Handler, where manipulating the Password argument enables a SQL injection. Exploitation is possible remotely, and public disclosure is noted. Connected sources do not prov...

CVE-2026-5668 Cyber-III Student-Management-System add%20notice.php cross site scripting

A flaw has been found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This affects an unknown part of the file /admin/Add%20notice/add%20notice.php. This manipulation of the argument $SERVER'PHPSELF' causes cross site scripting. It is possible to initiate th...

CVE-2026-5668

CVE-2026-5668 affects Cyber-III Student-Management-System (up to 1a938fa61e9f735078e9b291d2e6215b4942af3f). The flaw is in an unknown part of /admin/Add%20notice/add%20notice.php where manipulation of $_SERVER['PHP_SELF'] enables cross-site scripting. It can be triggered remotely; the exploit has...

CVE-2026-5643

The CVE-2026-5643 entry concerns Cyber-III Student-Management-System (up to build 1a938fa61e9f735078e9b291d2e6215b4942af3f) where an attacker can manipulate the argument $_SERVER['PHP_SELF'] in /admin/Add notice/notice.php (Admin Add Endpoint) to trigger cross-site scripting. The vulnerability is...

CVE-2026-5643 Cyber-III Student-Management-System Admin Add Endpoint notice.php cross site scripting

A vulnerability was identified in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This impacts an unknown function of the file /admin/Add%20notice/notice.php of the component Admin Add Endpoint. Such manipulation of the argument $SERVER'PHPSELF' leads to cross...

CVE-2026-5642 Cyber-III Student-Management-System HTTP POST Request update.php improper authorization

A vulnerability was determined in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This affects an unknown function of the file /viva/update.php of the component HTTP POST Request Handler. This manipulation of the argument Name causes improper authorization. It ...

CVE-2026-5642 Cyber-III Student-Management-System HTTP POST Request update.php improper authorization

A vulnerability was determined in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This affects an unknown function of the file /viva/update.php of the component HTTP POST Request Handler. This manipulation of the argument Name causes improper authorization. It ...