CVE Catalog

CVE-2026-13565

HighCVSS 7.3
Published: Updated: Translated: NVD NIST

Summary

In SourceCodester Class and Exam Timetabling System 1.0, the file /edit_class1.php is vulnerable to SQL injection via the ID argument. The attack can be performed remotely, and the exploit has been publicly disclosed.

Risk Assessment

The organization is at risk of unauthorized database access, potentially leading to data leakage, modification, or deletion of sensitive information.

Recommendation

Immediately update the system to the latest version or apply a security patch to prevent SQL injection, such as input validation and parameterized queries.

Original NVD description (English source)

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0/1.php. Affected by this vulnerability is an unknown functionality of the file /edit_class1.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS