CVE-2026-11485
HighCVSS 7.3Summary
A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. The issue affects an unknown function of the file /archive2.php, where manipulation of the argument 'sy' can lead to SQL injection.
Risk Assessment
An attacker may remotely exploit this vulnerability, posing a serious threat to data integrity and system security. The public disclosure of the exploit increases the risk of attacks.
Recommendation
It is recommended to immediately update the system to the latest version that addresses this vulnerability. Additionally, conducting a security audit of the application is advisable to identify other potential threats.
Original NVD description (English source)
A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. Affected is an unknown function of the file /archive2.php. Such manipulation of the argument sy leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

