CVE-2026-14777

MEDIUM

SourceCodester Onlne Examination & Learning Management System announcements.php unrestricted upload

Title source: cna
STIX 2.1

Description

A weakness has been identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this issue is some unknown functionality of the file /announcements.php. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. The name of the affected product appears to have a typo in it.

References (6)

Core 6
Core References
Vdb Entry vdb-entry
VDB-376367 | SourceCodester Onlne Examination & Learning Management System announcements.php unrestricted upload
https://vuldb.com/vuln/376367
Signature, Permissions Required signature permissions-required
VDB-376367 | CTI Indicators (IOB, IOC, TTP, IOA)
https://vuldb.com/vuln/376367/cti
Third Party Advisory third-party-advisory
CVE-2026-14777 | CVE Analysis and Report
https://vuldb.com/cve/CVE-2026-14777
Third Party Advisory third-party-advisory
Submit #850679 | SourceCodester Online Examination & Learning Management System 1.0 Unrestricted Upload
https://vuldb.com/submit/850679

Scores

CVSS v3 6.3
EPSS 0.0021
EPSS Percentile 11.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-284 CWE-434
Status published
Products (1)
SourceCodester/Onlne Examination & Learning Management System 1.0
Published Jul 06, 2026
Tracked Since Jul 06, 2026