← Back
2026-05-04 7:45CVE-2026-7745VulDB
PUBLISHED5.2CWE-89CWE-74

CodeAstro Online Classroom facultydetails sql injection

A vulnerability was determined in CodeAstro Online Classroom 1.0. This impacts an unknown function of the file /OnlineClassroom/facultydetails. This manipulation of the argument deleteid causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.

Problem type

Affected products

CodeAstro

Online Classroom

1.0 - AFFECTED

References

VDB-360920 | CodeAstro Online Classroom facultydetails sql injection

https://vuldb.com/vuln/360920

vdb-entrytechnical-description
VDB-360920 | CTI Indicators (IOB, IOC, TTP, IOA)

https://vuldb.com/vuln/360920/cti

signaturepermissions-required
Submit #807697 | codeastro Online Classroom V1.0 SQL Injection

https://vuldb.com/submit/807697

third-party-advisory
github.com

https://github.com/yuji0903/silver-guide/issues/22

exploitissue-tracking
codeastro.com

https://codeastro.com/

product

GitHub Security Advisories

GHSA-67mq-55xc-r45j

A vulnerability was determined in CodeAstro Online Classroom 1.0. This impacts an unknown...

https://github.com/advisories/GHSA-67mq-55xc-r45j

A vulnerability was determined in CodeAstro Online Classroom 1.0. This impacts an unknown function of the file /OnlineClassroom/facultydetails. This manipulation of the argument deleteid causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.

nvd.nist.gov

https://nvd.nist.gov/vuln/detail/CVE-2026-7745

github.com

https://github.com/yuji0903/silver-guide/issues/22

codeastro.com

https://codeastro.com

vuldb.com

https://vuldb.com/submit/807697

vuldb.com

https://vuldb.com/vuln/360920

vuldb.com

https://vuldb.com/vuln/360920/cti

github.com

https://github.com/advisories/GHSA-67mq-55xc-r45j

JSON source

https://cveawg.mitre.org/api/cve/CVE-2026-7745
Click to expand
{
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "cveMetadata": {
    "cveId": "CVE-2026-7745",
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "dateUpdated": "2026-05-04T07:45:11.285Z",
    "dateReserved": "2026-05-03T17:16:15.835Z",
    "datePublished": "2026-05-04T07:45:11.285Z",
    "state": "PUBLISHED"
  },
  "containers": {
    "cna": {
      "providerMetadata": {
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB",
        "dateUpdated": "2026-05-04T07:45:11.285Z"
      },
      "title": "CodeAstro Online Classroom facultydetails sql injection",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was determined in CodeAstro Online Classroom 1.0. This impacts an unknown function of the file /OnlineClassroom/facultydetails. This manipulation of the argument deleteid causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized."
        }
      ],
      "affected": [
        {
          "vendor": "CodeAstro",
          "product": "Online Classroom",
          "versions": [
            {
              "version": "1.0",
              "status": "affected"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "lang": "en",
              "description": "SQL Injection",
              "cweId": "CWE-89",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "lang": "en",
              "description": "Injection",
              "cweId": "CWE-74",
              "type": "CWE"
            }
          ]
        }
      ],
      "references": [
        {
          "url": "https://vuldb.com/vuln/360920",
          "name": "VDB-360920 | CodeAstro Online Classroom facultydetails sql injection",
          "tags": [
            "vdb-entry",
            "technical-description"
          ]
        },
        {
          "url": "https://vuldb.com/vuln/360920/cti",
          "name": "VDB-360920 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ]
        },
        {
          "url": "https://vuldb.com/submit/807697",
          "name": "Submit #807697 | codeastro  Online Classroom V1.0 SQL Injection",
          "tags": [
            "third-party-advisory"
          ]
        },
        {
          "url": "https://github.com/yuji0903/silver-guide/issues/22",
          "tags": [
            "exploit",
            "issue-tracking"
          ]
        },
        {
          "url": "https://codeastro.com/",
          "tags": [
            "product"
          ]
        }
      ],
      "metrics": [
        {},
        {
          "cvssV3_1": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM"
          }
        },
        {
          "cvssV3_0": {
            "version": "3.0",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM"
          }
        },
        {
          "cvssV2_0": {
            "version": "2.0",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
            "baseScore": 6.5
          }
        }
      ],
      "timeline": [
        {
          "time": "2026-05-03T00:00:00.000Z",
          "lang": "en",
          "value": "Advisory disclosed"
        },
        {
          "time": "2026-05-03T02:00:00.000Z",
          "lang": "en",
          "value": "VulDB entry created"
        },
        {
          "time": "2026-05-03T19:21:35.000Z",
          "lang": "en",
          "value": "VulDB entry last update"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "yu_ji (VulDB User)",
          "type": "reporter"
        }
      ]
    }
  }
}