CVE Catalog

CVE-2026-11485

HighCVSS 7.3
Published: Updated: Translated: NVD NIST

Summary

A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. The issue affects an unknown function of the file /archive2.php, where manipulation of the argument 'sy' can lead to SQL injection.

Risk Assessment

An attacker may remotely exploit this vulnerability, posing a serious threat to data integrity and system security. The public disclosure of the exploit increases the risk of attacks.

Recommendation

It is recommended to immediately update the system to the latest version that addresses this vulnerability. Additionally, conducting a security audit of the application is advisable to identify other potential threats.

Original NVD description (English source)

A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. Affected is an unknown function of the file /archive2.php. Such manipulation of the argument sy leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS