CVE Catalog

CVE-2026-11486

HighCVSS 7.3
Published: Updated: Translated: NVD NIST

Summary

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Manipulating the 'sy' argument in the /archive1.php file leads to SQL injection, allowing for remote exploitation.

Risk Assessment

Remote exploitation of this vulnerability could lead to unauthorized access to the database, posing a serious threat to the integrity and confidentiality of the organization's data.

Recommendation

It is recommended to immediately update the system to the latest version and implement input data filtering to prevent SQL injection.

Original NVD description (English source)

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /archive1.php. Performing a manipulation of the argument sy results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS