CVE Catalog

CVE-2026-14733

HighCVSS 7.3
Published: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.26%

18th percentile — higher than 18% of all known CVEs

Summary

A SQL injection vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0 in the file /edit_coursea.php. An attacker can remotely manipulate the ID argument, leading to SQL injection. The exploit is publicly available.

Risk Assessment

The risk includes unauthorized database access, leakage of sensitive data (e.g., schedules), and potential modification or deletion of system data.

Recommendation

Immediately update the system to the latest version or apply a security patch. If not possible, disable access to /edit_coursea.php or implement input filtering.

Original NVD description (English source)

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. This issue affects some unknown processing of the file /edit_coursea.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be used.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS