Improper Authorization Vulnerability in SourceCodester Student Grades Management System
CVE-2026-9484

5.3MEDIUM

Key Information:

Vendor

Sourcecodester
Status
Student Grades Management System
Vendor
CVE Published:
25 May 2026

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2026-9484?

A vulnerability affecting the SourceCodester Student Grades Management System version 1.0 has been identified in the function responsible for managing classroom students. This issue arises from improper handling of the classroom_id argument within the classroom.php file, which could permit unauthorized access to modify student-class assignments. The vulnerability can be exploited remotely, allowing attackers to manipulate classroom data without appropriate authorization, thereby posing a significant risk to user integrity.

Affected Version(s)

Student Grades Management System 1.0

References

https://vuldb.com/vuln/365465
vdb-entrytechnical-description
https://vuldb.com/vuln/365465/cti
signaturepermissions-required
https://vuldb.com/submit/814038
third-party-advisory

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

GeekerA (VulDB User)
.