Improper Access Control in SourceCodester's Automated Grading System
CVE-2026-12529

6.9MEDIUM

Key Information:

Vendor

Sourcecodester
Status
Cet Automated Grading System With Ai Predictive Analytics
Vendor
CVE Published:
17 June 2026

What is CVE-2026-12529?

A significant vulnerability has been identified in the CET Automated Grading System with AI Predictive Analytics, specifically within the Student Self-Registration Endpoint. This manifestation of improper access control in the /index.php file can be manipulated, allowing unauthorized remote exploitation. Such weaknesses emphasize the importance of implementing robust access control mechanisms to safeguard sensitive functionalities.

Affected Version(s)

CET Automated Grading System with AI Predictive Analytics 1.0

References

https://vuldb.com/vuln/371976
vdb-entry
https://vuldb.com/vuln/371976/cti
signaturepermissions-required
https://vuldb.com/cve/CVE-2026-12529
third-party-advisory

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Abhay mp (VulDB User)
VulDB Vulnerability Moderation Team
.