CVE Catalog

CVE-2026-11482

HighCVSS 7.3
Published: Updated: Translated: NVD NIST

Summary

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /archive5.php, which allows SQL injection through manipulation of the argument sy.

Risk Assessment

An attacker can remotely exploit this vulnerability, potentially leading to unauthorized access to the database and leakage of sensitive information.

Recommendation

It is recommended to update the system to the latest version and implement input validation to prevent SQL injection.

Original NVD description (English source)

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /archive5.php. The manipulation of the argument sy leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS