CVE-2026-14772

HIGH

SourceCodester Class and Exam Timetabling System edit_course1.php sql injection

Title source: cna
STIX 2.1

Description

A vulnerability has been found in SourceCodester Class and Exam Timetabling System 1.0/1.php. The impacted element is an unknown function of the file /edit_course1.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

References (6)

Core 6
Core References
Vdb Entry, Technical Description vdb-entry technical-description
VDB-376362 | SourceCodester Class and Exam Timetabling System edit_course1.php sql injection
https://vuldb.com/vuln/376362
Signature, Permissions Required signature permissions-required
VDB-376362 | CTI Indicators (IOB, IOC, TTP, IOA)
https://vuldb.com/vuln/376362/cti
Third Party Advisory third-party-advisory
CVE-2026-14772 | CVE Analysis and Report
https://vuldb.com/cve/CVE-2026-14772
Third Party Advisory third-party-advisory
Submit #849108 | sourcecodester Class and Exam Timetabling System V1.0 SQL injection
https://vuldb.com/submit/849108

Scores

CVSS v3 7.3
EPSS 0.0027
EPSS Percentile 18.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-74 CWE-89
Status published
Products (2)
SourceCodester/Class and Exam Timetabling System 1.0
SourceCodester/Class and Exam Timetabling System 1.php
Published Jul 05, 2026
Tracked Since Jul 06, 2026