A vulnerability categorized as critical has been discovered in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46 . This affects an unknown function of the file /index.ph of the component Login . Such manipulation of the argument usr/pwd leads to sql injection. This vulnerability is documented as CVE-2026-11530 . The attack can be executed remotely. Additionally, an exploit exists. This product implements a rolling release for ongoing delivery, which means version