A vulnerability described as critical has been identified in yashpokharna2555 StudentManagementSystem up to cb2f558ddf8d19396de0f92abf2d224d46a0a203 . Affected by this issue is the function confirm_logged_in of the file /studentdel.php . The manipulation of the argument ID results in sql injection. This vulnerability is cataloged as CVE-2026-9474 . The attack may be launched remotely. Furthermore, there is an exploit available. This product operates on a rolling release basis, ensuring continuou