CVE Catalog

CVE-2026-14732

HighCVSS 7.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.26%

18th percentile — higher than 18% of all known CVEs

Summary

A SQL injection vulnerability has been found in SourceCodester Class and Exam Timetabling System 1.0 in the /edit_exam.php file via the ID argument. The attack can be performed remotely and the exploit has been publicly disclosed.

Risk Assessment

The organization is at risk of unauthorized database access, data leakage, and potential system compromise.

Recommendation

Immediately apply a patch or update to the latest version, and implement input validation and sanitization in the /edit_exam.php file.

Original NVD description (English source)

A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. This vulnerability affects unknown code of the file /edit_exam.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS