CVE-2026-13486 | SourceCodester Class and Exam Timetabling System 1.0/6.php /preview6.php course_year_section sql injection

Inserito da Angelo Barbosa | Giu 27, 2026 | CVE

A vulnerability labeled as critical has been found in SourceCodester Class and Exam Timetabling System 1.0/6.php. This impacts an unknown function of the file /preview6.php. Executing a manipulation of the argument course_year_section can lead to sql injection.

This vulnerability is tracked as CVE-2026-13486. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2026-13486 | SourceCodester Class and Exam Timetabling System 1.0/6.php /preview6.php course_year_section sql injection

Post correlati

CVE-2025-66073 | Cozmoslabs WP Webhooks Plugin up to 3.3.8 on WordPress deserialization

CVE-2026-28561 | gVectors wpForo Forum up to 2.4.15 cross site scripting

CVE-2026-39315 | unjs unhead up to 2.1.12 safe.ts useHeadSafe incomplete blacklist (GHSA-95h2-gj7x-gx9w)

CVE-2025-26768 | what3words Address Field Plugin up to 4.0.15 on WordPress cross-site request forgery