Improper Authorization in SourceCodester Student Grades Management System
CVE-2026-9483

5.3MEDIUM

Key Information:

Vendor

Sourcecodester
Status
Student Grades Management System
Vendor
CVE Published:
25 May 2026

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2026-9483?

A vulnerability has been identified in the SourceCodester Student Grades Management System 1.0, specifically affecting the grades.php file. This flaw arises from improper authorization related to the manipulation of the student_id argument. Attackers can potentially exploit this weakness from a remote location, allowing unauthorized access to sensitive student grade data. Given that the exploit has been publicly disclosed, it poses a significant risk to users of the affected system, emphasizing the need for immediate remediation.

Affected Version(s)

Student Grades Management System 1.0

References

https://vuldb.com/vuln/365464
vdb-entrytechnical-description
https://vuldb.com/vuln/365464/cti
signaturepermissions-required
https://vuldb.com/submit/814037
third-party-advisory

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

GeekerA (VulDB User)
.