Vendor
high
advisory
Cyber-III Student-Management-System Improper Authorization Vulnerability (CVE-2026-5642)
2 rules 1 TTP 1 CVECVE-2026-5642 allows a remote attacker to escalate privileges on a Cyber-III Student-Management-System by manipulating the Name argument in an HTTP POST request to /viva/update.php due to improper authorization.
Student-Management-System
CVE-2026-5642
privilege-escalation
web-application
2r
1t
1c
high
advisory
Cyber-III Student-Management-System SQL Injection Vulnerability
2 rules 2 TTPs 1 CVEA remote SQL injection vulnerability (CVE-2026-5669) exists in the /login.php file of Cyber-III Student-Management-System due to improper handling of the Password parameter, potentially allowing attackers to manipulate the system's database remotely.
Student-Management-System
sql-injection
web-application
cve-2026-5669
2r
2t
1c