Lucene search
+L

10 matches found

EUVD
EUVD
added 6 hours ago5 views

EUVD-2026-45443

A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. This impacts an unknown function of the file /editsubject.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed...

7.5CVSS7.1AI score
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.16 views

PT-2026-55780

Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An issue exists in the /edit exam.php file where improper handling of the ID argument allows for SQL injection. This flaw enables a remote attacker to manipulate database...

7.5CVSS7.2AI score0.00263EPSS
Exploits0References10
NVD
NVD
added 2026/07/04 7:16 p.m.11 views

CVE-2026-14642

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /editclass2.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit is...

7.5CVSS0.00412EPSS
Exploits0References6
NVD
NVD
added 2026/07/04 7:16 p.m.11 views

CVE-2026-14641

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /editcourse.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit h...

7.5CVSS0.00416EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.17 views

PT-2026-55724

Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An issue exists in the /edit course.php endpoint where manipulation of the ID variable allows for remote SQL injection. SQL injection is a technique where malicious SQL...

7.5CVSS7.1AI score0.00416EPSS
Exploits0References11
CVE
CVE
added 2026/06/29 12:15 p.m.17 views

CVE-2026-13566

SourceCodester Class and Exam Timetabling System 1.0 contains an SQL injection in the /preview3.php script triggered by manipulating the course_year_section parameter. The issue is exploitable remotely, with a publicly available exploit. The provided documents do not specify the vulnerable hostin...

7.5CVSS7AI score0.00263EPSS
Exploits0References6
NVD
NVD
added 2026/06/28 10:16 a.m.12 views

CVE-2026-13486

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0/6.php. This impacts an unknown function of the file /preview6.php. Executing a manipulation of the argument courseyearsection can lead to sql injection. The attack can be launched remotely. The exploit has been...

7.5CVSS0.00412EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/08 3:30 a.m.9 views

CVE-2026-11484 SourceCodester Class and Exam Timetabling System archive3.php sql injection

A weakness has been identified in SourceCodester Class and Exam Timetabling System 1.0. This impacts an unknown function of the file /archive3.php. This manipulation of the argument sy causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public an...

7.5CVSS5.4AI score0.00275EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.20 views

SourceCodester Class and Exam Timetabling System 注入漏洞

SourceCodester Class and Exam Timetabling System is an open-source classroom and exam scheduling system developed by SourceCodester. Version 1.0 of the SourceCodester Class and Exam Timetabling System has a SQL injection vulnerability, which arises from incorrect handling of the parameter "sy" in...

7.5CVSS7.5AI score0.00275EPSS
Exploits0References1
OSV
OSV
added 2023/02/26 12:15 p.m.6 views

CVE-2023-1039

A vulnerability classified as critical was found in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/index3.php of the component POST Parameter Handler. The manipulation of the argument password leads to sql...

8.8CVSS6.8AI score
Exploits0References3
Rows per page
Query Builder