← Back
2026-05-04 7:15CVE-2026-7743VulDB
PUBLISHED5.2CWE-89CWE-74

CodeAstro Online Classroom studentdetails sql injection

A vulnerability has been found in CodeAstro Online Classroom 1.0. The impacted element is an unknown function of the file /OnlineClassroom/studentdetails. The manipulation of the argument deleteid leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.

Problem type

Affected products

CodeAstro

Online Classroom

1.0 - AFFECTED

References

VDB-360918 | CodeAstro Online Classroom studentdetails sql injection

https://vuldb.com/vuln/360918

vdb-entrytechnical-description
VDB-360918 | CTI Indicators (IOB, IOC, TTP, IOA)

https://vuldb.com/vuln/360918/cti

signaturepermissions-required
Submit #807695 | codeastro Online Classroom V1.0 SQL Injection

https://vuldb.com/submit/807695

third-party-advisory
github.com

https://github.com/yuji0903/silver-guide/issues/20

exploitissue-tracking
codeastro.com

https://codeastro.com/

product

GitHub Security Advisories

GHSA-f8xj-hc8g-wqw9

A vulnerability has been found in CodeAstro Online Classroom 1.0. The impacted element is an...

https://github.com/advisories/GHSA-f8xj-hc8g-wqw9

A vulnerability has been found in CodeAstro Online Classroom 1.0. The impacted element is an unknown function of the file /OnlineClassroom/studentdetails. The manipulation of the argument deleteid leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.

nvd.nist.gov

https://nvd.nist.gov/vuln/detail/CVE-2026-7743

github.com

https://github.com/yuji0903/silver-guide/issues/20

codeastro.com

https://codeastro.com

vuldb.com

https://vuldb.com/submit/807695

vuldb.com

https://vuldb.com/vuln/360918

vuldb.com

https://vuldb.com/vuln/360918/cti

github.com

https://github.com/advisories/GHSA-f8xj-hc8g-wqw9

JSON source

https://cveawg.mitre.org/api/cve/CVE-2026-7743
Click to expand
{
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "cveMetadata": {
    "cveId": "CVE-2026-7743",
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "dateUpdated": "2026-05-04T07:15:10.911Z",
    "dateReserved": "2026-05-03T17:16:09.627Z",
    "datePublished": "2026-05-04T07:15:10.911Z",
    "state": "PUBLISHED"
  },
  "containers": {
    "cna": {
      "providerMetadata": {
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB",
        "dateUpdated": "2026-05-04T07:15:10.911Z"
      },
      "title": "CodeAstro Online Classroom studentdetails sql injection",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been found in CodeAstro Online Classroom 1.0. The impacted element is an unknown function of the file /OnlineClassroom/studentdetails. The manipulation of the argument deleteid leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used."
        }
      ],
      "affected": [
        {
          "vendor": "CodeAstro",
          "product": "Online Classroom",
          "versions": [
            {
              "version": "1.0",
              "status": "affected"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "lang": "en",
              "description": "SQL Injection",
              "cweId": "CWE-89",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "lang": "en",
              "description": "Injection",
              "cweId": "CWE-74",
              "type": "CWE"
            }
          ]
        }
      ],
      "references": [
        {
          "url": "https://vuldb.com/vuln/360918",
          "name": "VDB-360918 | CodeAstro Online Classroom studentdetails sql injection",
          "tags": [
            "vdb-entry",
            "technical-description"
          ]
        },
        {
          "url": "https://vuldb.com/vuln/360918/cti",
          "name": "VDB-360918 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ]
        },
        {
          "url": "https://vuldb.com/submit/807695",
          "name": "Submit #807695 | codeastro  Online Classroom V1.0 SQL Injection",
          "tags": [
            "third-party-advisory"
          ]
        },
        {
          "url": "https://github.com/yuji0903/silver-guide/issues/20",
          "tags": [
            "exploit",
            "issue-tracking"
          ]
        },
        {
          "url": "https://codeastro.com/",
          "tags": [
            "product"
          ]
        }
      ],
      "metrics": [
        {},
        {
          "cvssV3_1": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM"
          }
        },
        {
          "cvssV3_0": {
            "version": "3.0",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM"
          }
        },
        {
          "cvssV2_0": {
            "version": "2.0",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
            "baseScore": 6.5
          }
        }
      ],
      "timeline": [
        {
          "time": "2026-05-03T00:00:00.000Z",
          "lang": "en",
          "value": "Advisory disclosed"
        },
        {
          "time": "2026-05-03T02:00:00.000Z",
          "lang": "en",
          "value": "VulDB entry created"
        },
        {
          "time": "2026-05-03T19:21:28.000Z",
          "lang": "en",
          "value": "VulDB entry last update"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "yu_ji (VulDB User)",
          "type": "reporter"
        }
      ]
    }
  }
}