CVE Catalog

CVE-2026-11471

HighCVSS 7.3
Published: Updated: Translated: NVD NIST

Summary

A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. Manipulation of the 'Password' argument in the /index2.php file leads to SQL injection, allowing for remote attack.

Risk Assessment

This vulnerability poses a serious risk to organizations as it allows remote attackers to access the database through malicious SQL queries.

Recommendation

It is recommended to immediately update the system to the latest version and implement appropriate security measures to minimize the risk of attack.

Original NVD description (English source)

A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS