Home

Description

A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php.

PUBLISHED Reserved 2026-04-06 | Published 2026-04-17 | Updated 2026-04-17 | Assigner mitre

References

codeastro.com/...-management-system-in-php-with-source-code/

github.com/menevarad007/CVE-2026-37749

cve.org (CVE-2026-37749)

nvd.nist.gov (CVE-2026-37749)

Download JSON