A vulnerability marked as critical has been reported in CodeAstro Student Attendance Management System 1.0 . Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php . Performing a manipulation of the argument admissionNumber results in sql injection. This vulnerability is known as CVE-2026-12175 . Remote exploitation of the attack is possible. Furthermore, an exploit is available.