Lucene search
+L

17 matches found

Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-60990

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /schoolyr.php. The manipulation of the argument sy leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is...

5.1CVSS3.8AI score
Exploits0References7
NVD
NVD
added 2026/07/05 9:16 p.m.9 views

CVE-2026-14770

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /editroom.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may...

7.5CVSS0.00269EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/05 8:45 a.m.9 views

CVE-2026-14732

A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. This vulnerability affects unknown code of the file /editexam.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed...

7.5CVSS6.9AI score0.00263EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2026/07/04 7:16 p.m.11 views

CVE-2026-14642

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /editclass2.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit is...

7.5CVSS0.00412EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/04 6:45 p.m.10 views

CVE-2026-14642

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /editclass2.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit is...

7.5CVSS6.9AI score0.00412EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.14 views

PT-2026-55725

Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description Remote SQL injection is possible due to improper handling of the ID argument within the /edit class2.php endpoint. SQL injection is a technique where an attacker inserts...

7.5CVSS7.2AI score0.00412EPSS
Exploits0References11
CVE
CVE
added 2026/06/29 2:30 a.m.19 views

CVE-2026-13527

CVE-2026-13527 affects SourceCodester Class and Exam Timetabling System 1.0. The vulnerability is in an unknown function within /preview4.php where manipulating the argument course_year_section enables SQL injection. The attack can be launched remotely, and the exploit has been disclosed publicly...

7.5CVSS6.9AI score0.00263EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/28 12:0 a.m.22 views

PT-2026-53100

Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An issue exists in the /archive.php file where the manipulation of the sy argument allows for SQL injection. This allows a remote attacker to interfere with the database...

7.5CVSS7.1AI score0.00269EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/06/09 2:58 a.m.14 views

CVE-2026-11471

A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password results in sql injection. It is possible to launch the attack remotely. The exploit has been made publi...

7.5CVSS7AI score0.00263EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/08 4:0 a.m.13 views

EUVD-2026-35017

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /archive1.php. Performing a manipulation of the argument sy results in sql injection. Remote exploitation of the attack is possible. The...

7.5CVSS7.1AI score0.00275EPSS
Exploits0References6
CVE
CVE
added 2026/06/08 4:0 a.m.23 views

CVE-2026-11486

The CVE-2026-11486 affects SourceCodester Class and Exam Timetabling System 1.0. The vulnerability is in /archive1.php where manipulation of the argument sy leads to SQL injection. It enables remote exploitation, with the exploit publicly available. Documents do not specify affected versions beyo...

7.5CVSS7.1AI score0.00275EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/08 4:0 a.m.10 views

CVE-2026-11486 SourceCodester Class and Exam Timetabling System archive1.php sql injection

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /archive1.php. Performing a manipulation of the argument sy results in sql injection. Remote exploitation of the attack is possible. The...

7.5CVSS7.1AI score0.00275EPSS
Exploits0References6
CVE
CVE
added 2026/06/08 3:30 a.m.32 views

CVE-2026-11484

SourceCodester Class and Exam Timetabling System 1.0 is affected by a SQL injection via the archive3.php file (argument sy). The vulnerability is exploitable remotely and reportedly has publicly available exploit code. The records do not specify the exact vulnerable function name beyond archive3....

7.5CVSS7AI score0.00275EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:30 a.m.10 views

CVE-2026-11484

A weakness has been identified in SourceCodester Class and Exam Timetabling System 1.0. This impacts an unknown function of the file /archive3.php. This manipulation of the argument sy causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public an...

7.5CVSS7AI score0.00275EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/08 12:30 a.m.11 views

CVE-2026-11472 SourceCodester Class and Exam Timetabling System index1.php sql injection

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /index1.php. This manipulation of the argument Password causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may ...

7.5CVSS5.5AI score0.00263EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.16 views

SourceCodester Class and Exam Timetabling System 注入漏洞

SourceCodester Class and Exam Timetabling System is an open-source classroom and exam scheduling system developed by SourceCodester. Version 1.0 of the SourceCodester Class and Exam Timetabling System has a SQL injection vulnerability, which arises from incorrect handling of the parameter "sy" in...

7.5CVSS7.5AI score0.00275EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/02/26 12:0 a.m.19 views

PT-2023-1564 · Unknown · Class/Exam Timetabling System

Name of the Vulnerable Software and Affected Versions: Class and Exam Timetabling System version 1.0 Description: The issue is related to the lack of protection against SQL query structure manipulation when handling the password parameter in the index3.php script of the Class and Exam Timetabling...

10CVSS8.1AI score0.00791EPSS
Exploits1References5
Rows per page
Query Builder