A vulnerability was found in raisulislamg4 student_management_system_by_php up to 310d950e09013d5133c6b9210aff9444382d16d1 . It has been classified as critical . The affected element is an unknown function of the file add_user_check.php of the component User Creation Handler . The manipulation of the argument role leads to sql injection. This vulnerability is referenced as CVE-2026-10227 . Remote exploitation of the attack is possible. Furthermore, an exploit is available. This product follows a