CVE Catalog

CVE-2026-14641

HighCVSS 7.3
Published: Translated: NVD NIST

Summary

A SQL injection vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0 in the /edit_course.php file. Manipulating the ID argument allows remote SQL injection. The exploit has been publicly disclosed and may be used.

Risk Assessment

An attacker can remotely extract, modify, or delete database data, compromising the confidentiality and integrity of the system.

Recommendation

Immediately update the system to the latest version or apply a security patch. Additionally, validate and sanitize all input data, especially the ID argument.

Original NVD description (English source)

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit_course.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS