SQL Injection Vulnerability in SourceCodester Class and Exam Timetabling System
CVE-2026-15597
Key Information:
- Vendor
Sourcecodester
- Vendor
- CVE Published:
- 13 July 2026
Badges
What is CVE-2026-15597?
A security flaw has been identified in the SourceCodester Class and Exam Timetabling System, specifically in the edit_exam2.php file. This vulnerability allows attackers to manipulate the argument ID, leading to SQL injection. The attack can be executed remotely, making the system susceptible to unauthorized access and data breaches. It is crucial for users and administrators to patch this vulnerability promptly to protect sensitive information.
Affected Version(s)
Class and Exam Timetabling System 1.0
Class and Exam Timetabling System 2.php
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved
