A vulnerability identified as critical has been detected in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /edit_product.php. This manipulation of the argument ID causes sql injection.
This vulnerability is registered as CVE-2026-14734. Remote exploitation of the attack is possible. Furthermore, an exploit is available.