CVE-2026-14608
MediumCVSS 4.3Exploitation Probability (EPSS)
Low risk13th percentile — higher than 13% of all known CVEs
Summary
A security vulnerability has been found in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0, allowing authorization bypass. The issue is in the /index.php?action=view_student file, where manipulation of the ID argument leads to unauthorized access.
Risk Assessment
An attacker can remotely access student data without proper authorization, potentially leading to data leakage and compromise of the grading system's integrity.
Recommendation
Update the system to the latest version or apply a security patch immediately. Until then, restrict access to /index.php?action=view_student and implement server-side validation of the ID argument.
Original NVD description (English source)
A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=view_student of the component POST Handler. The manipulation of the argument ID leads to authorization bypass. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.

