216.73.216.86

CVE-2026-7148

· Published 27/04/2026 19:16 · Modified 27/04/2026 19:25

Labels: CVE-2026-7148 2026-04-27CVE-2026-7148CWE-74[email protected]

Essential information

Published
27/04/2026 19:16
Modified
27/04/2026 19:25
Author
Creator
CVSS
5.3 MEDIUM (v3) 5.3 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A flaw has been found in CodeAstro Online Classroom 1.0. This affects an unknown part of the file /addnewfaculty. Executing a manipulation of the argument fname can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used.

NVD status

Status
Deferred — When a CVE is given this status the NVD does not plan analyze or re-analyze this CVE due to resource or other concerns.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
codeastro / online classroom cpe:2.3:a:codeastro:online_classroom:1.0:*:*:*:*:*:*:*

References