CVE-2026-14641
HighCVSS 7.3Summary
A SQL injection vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0 in the /edit_course.php file. Manipulating the ID argument allows remote SQL injection. The exploit has been publicly disclosed and may be used.
Risk Assessment
An attacker can remotely extract, modify, or delete database data, compromising the confidentiality and integrity of the system.
Recommendation
Immediately update the system to the latest version or apply a security patch. Additionally, validate and sanitize all input data, especially the ID argument.
Original NVD description (English source)
A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit_course.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.

