CVE-2026-37749

· NIST NVD ↗

A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php.

CRITICAL
CVSS severity
9.8
CVSS base score
2026-04-17
Published

CWE codes

CWE-89

Sources