CVE-2026-14778
HIGHSourceCodester Onlne Examination & Learning Management System Enrollment Management ajax_enroll.php improper authorization
Title source: cnaDescription
A security vulnerability has been detected in SourceCodester Onlne Examination & Learning Management System 1.0. This affects an unknown part of the file /ajax_enroll.php of the component Enrollment Management. The manipulation of the argument student_id/schedule_id/action leads to improper authorization. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. The name of the affected product appears to have a typo in it.
References (6)
Core 6
Core References
Vdb Entry, Technical Description vdb-entry
technical-description
VDB-376368 | SourceCodester Onlne Examination & Learning Management System Enrollment Management ajax_enroll.php improper authorization
https://vuldb.com/vuln/376368
Signature, Permissions Required signature
permissions-required
VDB-376368 | CTI Indicators (IOB, IOC, TTP, IOA)
https://vuldb.com/vuln/376368/cti
Third Party Advisory third-party-advisory
CVE-2026-14778 | CVE Analysis and Report
https://vuldb.com/cve/CVE-2026-14778
Third Party Advisory third-party-advisory
Submit #850695 | SourceCodester Online Examination & Learning Management System 1.0 Missing Authorization
https://vuldb.com/submit/850695
Product product
https://www.sourcecodester.com/
Scores
CVSS v3
7.3
EPSS
0.0029
EPSS Percentile
21.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-266
CWE-285
Status
published
Products (1)
SourceCodester/Onlne Examination & Learning Management System
1.0
Published
Jul 06, 2026
Tracked Since
Jul 06, 2026