CVE-2026-14719
HIGHSourceCodester Onlne Examination & Learning Management System Registration Endpoint register.php privileges management
Title source: cnaDescription
A flaw has been found in SourceCodester Onlne Examination & Learning Management System 1.0. The impacted element is an unknown function of the file register.php of the component Registration Endpoint. Executing a manipulation of the argument role can lead to improper privilege management. The attack can be executed remotely. The exploit has been published and may be used. The name of the affected product appears to have a typo in it.
References (6)
Core 6
Core References
Vdb Entry, Technical Description vdb-entry
technical-description
VDB-376307 | SourceCodester Onlne Examination & Learning Management System Registration Endpoint register.php privileges management
https://vuldb.com/vuln/376307
Signature, Permissions Required signature
permissions-required
VDB-376307 | CTI Indicators (IOB, IOC, TTP, IOA)
https://vuldb.com/vuln/376307/cti
Third Party Advisory third-party-advisory
CVE-2026-14719 | CVE Analysis and Report
https://vuldb.com/cve/CVE-2026-14719
Third Party Advisory third-party-advisory
Submit #847515 | SourceCodester (ampoldev) Online Examination & LMS (CICT Portal) by ampoldev 2026-05-25 Improper Privilege Management
https://vuldb.com/submit/847515
Exploit exploit
https://pastebin.com/Z4i5MGxk
Product product
https://www.sourcecodester.com/
Scores
CVSS v3
7.3
EPSS
0.0029
EPSS Percentile
20.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-266
CWE-269
Status
published
Products (1)
SourceCodester/Onlne Examination & Learning Management System
1.0
Published
Jul 05, 2026
Tracked Since
Jul 05, 2026