2 matches found
CVE-2026-16155
SourceCodester Class and Exam Timetabling System 1.0 contains an XSS vulnerability in /schoolyr.php via the sy parameter, allowing remote exploitation. The exploit is publicly available per CVE records; no remediation details are provided in the supplied documents.
PT-2026-60990
A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /schoolyr.php. The manipulation of the argument sy leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is...