CVE-2026-11333 | tittuvarghese CollegeManagementSystem Student Data Upload Endpoint upload_student_data.php Student-Data-CSV unrestricted upload

A vulnerability described as critical has been identified in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. The impacted element is an unknown function of the file dashboard_page/forms/upload_student_data.php of the component Student Data Upload Endpoint. Such manipulation of the argument Student-Data-CSV leads to unrestricted upload.

This vulnerability is referenced as CVE-2026-11333. It is possible to launch the attack remotely. Furthermore, an exploit is available.

This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More