CVE Catalog

CVE-2026-11483

HighCVSS 7.3
Published: Updated: Translated: NVD NIST

Summary

A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0 affecting an unknown function of the file /archive4.php. Manipulation of the argument 'sy' results in SQL injection.

Risk Assessment

An attacker can remotely exploit this vulnerability to carry out attacks, potentially leading to unauthorized access to the database.

Recommendation

It is recommended to update the system to the latest version and implement input data filtering to prevent SQL injection.

Original NVD description (English source)

A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /archive4.php. The manipulation of the argument sy results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS