Lucene search
+L

39 matches found

EUVD
EUVD
added 10 hours ago6 views

EUVD-2026-45443

A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. This impacts an unknown function of the file /editsubject.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed...

7.5CVSS7.1AI score
Exploits0References6
EUVD
EUVD
added 18 hours ago8 views

EUVD-2026-45413

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /CYS.php. This manipulation of the argument course causes cross site scripting. The attack is possible to be carried out remotely. The...

5.1CVSS3.6AI score
Exploits0References6
CVE
CVE
added yesterday10 views

CVE-2026-16154

SourceCodester Class and Exam Timetabling System 1.0/1.php has an SQL injection vulnerability in /edit_room1.php triggered by manipulating the ID parameter. The issue is remotely exploitable with a publicly disclosed exploit. Affected functionality is unknown on the /edit_room1.php file; root cau...

7.5CVSS7AI score
Exploits0References6
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-60990

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /schoolyr.php. The manipulation of the argument sy leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is...

5.1CVSS3.8AI score
Exploits0References7
NVD
NVD
added 6 days ago6 views

CVE-2026-15596

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /subject.php. Such manipulation of the argument subject leads to cross site scripting. It is possible to launch the attack remotely. The exploit is...

5.3CVSS0.00347EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 6 days ago6 views

PT-2026-57908

Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description A SQL injection flaw exists in the /edit exam2.php endpoint. This issue occurs when the ID argument is manipulated, allowing a remote attacker to execute arbitrary SQL...

7.5CVSS7.2AI score0.00328EPSS
Exploits0References8
NVD
NVD
added 2026/07/05 9:16 p.m.9 views

CVE-2026-14770

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /editroom.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may...

7.5CVSS0.00269EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/05 8:45 a.m.9 views

CVE-2026-14732

A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. This vulnerability affects unknown code of the file /editexam.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed...

7.5CVSS6.9AI score0.00263EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.16 views

PT-2026-55780

Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An issue exists in the /edit exam.php file where improper handling of the ID argument allows for SQL injection. This flaw enables a remote attacker to manipulate database...

7.5CVSS7.2AI score0.00263EPSS
Exploits0References10
NVD
NVD
added 2026/07/04 7:16 p.m.11 views

CVE-2026-14642

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /editclass2.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit is...

7.5CVSS0.00412EPSS
Exploits0References6
NVD
NVD
added 2026/07/04 7:16 p.m.11 views

CVE-2026-14641

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /editcourse.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit h...

7.5CVSS0.00416EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/07/04 6:45 p.m.10 views

CVE-2026-14642

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /editclass2.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit is...

7.5CVSS6.9AI score0.00412EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.17 views

PT-2026-55724

Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An issue exists in the /edit course.php endpoint where manipulation of the ID variable allows for remote SQL injection. SQL injection is a technique where malicious SQL...

7.5CVSS7.1AI score0.00416EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.14 views

PT-2026-55725

Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description Remote SQL injection is possible due to improper handling of the ID argument within the /edit class2.php endpoint. SQL injection is a technique where an attacker inserts...

7.5CVSS7.2AI score0.00412EPSS
Exploits0References11
NVD
NVD
added 2026/06/29 2:16 p.m.10 views

CVE-2026-13565

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0/1.php. Affected by this vulnerability is an unknown functionality of the file /editclass1.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The...

7.5CVSS0.00263EPSS
Exploits0References6
CVE
CVE
added 2026/06/29 12:15 p.m.17 views

CVE-2026-13566

SourceCodester Class and Exam Timetabling System 1.0 contains an SQL injection in the /preview3.php script triggered by manipulating the course_year_section parameter. The issue is exploitable remotely, with a publicly available exploit. The provided documents do not specify the vulnerable hostin...

7.5CVSS7AI score0.00263EPSS
Exploits0References6
CVE
CVE
added 2026/06/29 2:30 a.m.19 views

CVE-2026-13527

CVE-2026-13527 affects SourceCodester Class and Exam Timetabling System 1.0. The vulnerability is in an unknown function within /preview4.php where manipulating the argument course_year_section enables SQL injection. The attack can be launched remotely, and the exploit has been disclosed publicly...

7.5CVSS6.9AI score0.00263EPSS
Exploits0References6
NVD
NVD
added 2026/06/28 11:16 a.m.16 views

CVE-2026-13488

A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0/7.php. Affected by this vulnerability is an unknown functionality of the file /preview7.php. The manipulation of the argument courseyearsection results in sql injection. The attack may be launched remotely...

7.5CVSS0.00269EPSS
Exploits0References6
NVD
NVD
added 2026/06/28 11:16 a.m.11 views

CVE-2026-13487

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected is an unknown function of the file /archive.php. The manipulation of the argument sy leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...

7.5CVSS0.00269EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/28 10:30 a.m.38 views

CVE-2026-13488 SourceCodester Class and Exam Timetabling System preview7.php sql injection

A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0/7.php. Affected by this vulnerability is an unknown functionality of the file /preview7.php. The manipulation of the argument courseyearsection results in sql injection. The attack may be launched remotely...

7.5CVSS0.00269EPSS
Exploits0References6
Rows per page
Query Builder