43 matches found
CVE-2026-16155
SourceCodester Class and Exam Timetabling System 1.0 contains an XSS vulnerability in /schoolyr.php via the sy parameter, allowing remote exploitation. The exploit is publicly available per CVE records; no remediation details are provided in the supplied documents.
EUVD-2026-45402
A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /schoolyr.php. The manipulation of the argument sy leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is...
EUVD-2026-45399
A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0/1.php. Affected by this vulnerability is an unknown functionality of the file /editroom1.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The...
CVE-2026-15715
CVE-2026-15715 affects SourceCodester Class and Exam Timetabling System 1.0. The vulnerability targets the file /exam.php where manipulating the argument day enables cross-site scripting. It can be exploited remotely, and a publicly available exploit exists. The available documents do not specify...
EUVD-2026-43550
A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0/2.php. This affects an unknown function of the file /editexam2.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been release...
CVE-2026-14772 SourceCodester Class and Exam Timetabling System edit_course1.php sql injection
A vulnerability has been found in SourceCodester Class and Exam Timetabling System 1.0/1.php. The impacted element is an unknown function of the file /editcourse1.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed ...
CVE-2026-14770 SourceCodester Class and Exam Timetabling System edit_room.php sql injection
A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /editroom.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may...
CVE-2026-14733
A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. This issue affects some unknown processing of the file /editcoursea.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be us...
CVE-2026-14733
CVE-2026-14733 affects SourceCodester Class and Exam Timetabling System 1.0. The vulnerability involves manipulation of the ID parameter in /edit_coursea.php leading to SQL injection. It is exploitable remotely and the exploit is public. CVSS metrics indicate high impact with network access, low ...
PT-2026-55780
Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An issue exists in the /edit exam.php file where improper handling of the ID argument allows for SQL injection. This flaw enables a remote attacker to manipulate database...
PT-2026-55822
Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An issue exists in the /edit room.php file where manipulating the ID argument allows for SQL injection, a technique used to interfere with the queries that an application...
CVE-2026-14642
A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /editclass2.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit is...
CVE-2026-14641
A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /editcourse.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit h...
EUVD-2026-41690
A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /editclass2.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit is...
PT-2026-55724
Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An issue exists in the /edit course.php endpoint where manipulation of the ID variable allows for remote SQL injection. SQL injection is a technique where malicious SQL...
CVE-2026-13566
SourceCodester Class and Exam Timetabling System 1.0 contains an SQL injection in the /preview3.php script triggered by manipulating the course_year_section parameter. The issue is exploitable remotely, with a publicly available exploit. The provided documents do not specify the vulnerable hostin...
CVE-2026-13527
A vulnerability has been found in SourceCodester Class and Exam Timetabling System 1.0. The affected element is an unknown function of the file /preview4.php. Such manipulation of the argument courseyearsection leads to sql injection. The attack may be launched remotely. The exploit has been...
CVE-2026-13526
A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /editclass.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...
PT-2026-53262
Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description A remote SQL injection exists in the /preview3.php endpoint. This occurs when the course year section argument is manipulated, allowing an attacker to interfere with the...
CVE-2026-13486
A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0/6.php. This impacts an unknown function of the file /preview6.php. Executing a manipulation of the argument courseyearsection can lead to sql injection. The attack can be launched remotely. The exploit has been...