SourceCodester Onlne Examination & Learning Management System import_users.php hard-coded password
CVE-2026-11552

6.9MEDIUM

Key Information:

Vendor

Sourcecodester
Status
Onlne Examination & Learning Management System
Syllabus-aligned Learning Management And Examination System
Vendor
CVE Published:
8 June 2026

What is CVE-2026-11552?

A vulnerability has been found in SourceCodester Onlne Examination & Learning Management System and Syllabus-aligned Learning Management and Examination System 1.0. Affected by this issue is some unknown functionality of the file import_users.php. The manipulation of the argument raw_password with the input CICT_2026 leads to use of hard-coded password. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is distributed under two entirely different names.

Affected Version(s)

Onlne Examination & Learning Management System 1.0

Syllabus-aligned Learning Management and Examination System 1.0

References

https://vuldb.com/vuln/369162
vdb-entrytechnical-description
https://vuldb.com/vuln/369162/cti
signaturepermissions-required
https://vuldb.com/cve/CVE-2026-11552
third-party-advisory

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Kamran Saifullah (VulDB User)
VulDB Vulnerability Moderation Team
.