A vulnerability was identified in hemant6488 CodeIgniter-StudentManagementSystem. The affected element is an unknown function of the file /index.php/students/addStudentView of the component Student Management Handler. Manipulating it can lead to improper access controls. The attack can be executed remotely. The exploit has been publicly disclosed and may be used. This product uses a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The project was informed of the problem early through an issue report but has not responded yet.
CVE-2026-9517 is a high-severity vulnerability in CodeIgniter-StudentManagementSystem affecting the student management handler with improper access controls in /index.php/students/addStudentView. The vulnerability allows remote exploitation and has been publicly disclosed with no patch currently available.
This weakness affects the CodeIgniter-based student management system, where it allows improper handling of access control. Remote attackers can exploit this vulnerability to gain unauthorized access to student data or to modify it through the addStudentView endpoint.
A high-severity access control vulnerability exists in CodeIgniter-StudentManagementSystem that could allow unauthorized manipulation of student data through the addStudentView endpoint. The vulnerability is remotely exploitable and publicly disclosed with no vendor response or available patches.
Immediately audit all instances of CodeIgniter-StudentManagementSystem for unauthorized access; implement strict input validation and access control checks on the /index.php/students/addStudentView endpoint; apply web application firewall rules to restrict access to student management functions; monitor logs for suspicious activity; consider migrating to alternative student management solutions with active security support; disable the vulnerable component if not critical to operations.
Immediately audit all instances of the CodeIgniter student management system to check for unauthorized access; apply strict input validation and access control on the addStudentView endpoint; apply firewall rules to restrict access to student management functions; monitor logs for suspicious activity; consider migrating to alternative student management solutions with active security support; disable the vulnerable component if it is not critical to operations.
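For the audit and log-monitoring steps, the following added example (not code from the project or from the advisory) scans web server access logs for requests to /index.php/students/addStudentView that were served with a 2xx status to clients outside the networks expected to use student management. The common/combined log format, the `ALLOWED_NETS` range and the sample lines are assumptions to adapt to the deployment.

```python
import ipaddress
import re
from urllib.parse import unquote

# Endpoint named in the advisory, compared after normalisation (lowercased).
ENDPOINT = "/index.php/students/addstudentview"
# Assumption: networks from which staff legitimately reach student management.
ALLOWED_NETS = [ipaddress.ip_network("10.20.0.0/16")]

# Common/combined log format: ip - user [time] "METHOD target PROTO" status ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def normalise(target):
    """Drop the query string, percent-decode, collapse slashes, lowercase."""
    path = unquote(target.split("?", 1)[0])
    return re.sub(r"/{2,}", "/", path).rstrip("/").lower()

def find_suspect_requests(lines):
    """Return served (2xx) requests to ENDPOINT from outside ALLOWED_NETS."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a log line in the expected format
        path = normalise(m["target"])
        if path != ENDPOINT and not path.startswith(ENDPOINT + "/"):
            continue
        try:
            ip = ipaddress.ip_address(m["ip"])
        except ValueError:
            continue  # client logged as a hostname, not an address
        if m["status"].startswith("2") and not any(ip in n for n in ALLOWED_NETS):
            hits.append((m["ts"], m["ip"], m["method"], m["target"], m["status"]))
    return hits

# Constructed sample lines using documentation address ranges, not real traffic.
SAMPLE = [
    '203.0.113.7 - - [12/May/2026:09:14:02 +0000] "GET /index.php/students/addStudentView HTTP/1.1" 200 5120',
    '10.20.4.15 - - [12/May/2026:09:15:40 +0000] "GET /index.php/students/addStudentView HTTP/1.1" 200 5120',
    '198.51.100.23 - - [12/May/2026:09:16:11 +0000] "POST /index.php/students/AddStudentView?x=1 HTTP/1.1" 200 311',
    '203.0.113.7 - - [12/May/2026:09:17:03 +0000] "GET /index.php/students/addStudentView HTTP/1.1" 302 0',
]

if __name__ == "__main__":
    for hit in find_suspect_requests(SAMPLE):
        print(*hit)
```

A 2xx response to an outside client is a lead for the audit, not proof of unauthorized access; correlate each hit with application session records before drawing conclusions.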