A vulnerability, which was classified as critical , has been found in CodeAstro Student Attendance Management System 1.0 . Affected is an unknown function of the file /attendance-php/Admin/createClassArms.php . This manipulation of the argument classId causes sql injection. This vulnerability is handled as CVE-2026-11585 . The attack can be initiated remotely. Additionally, an exploit exists.