A vulnerability, which was classified as critical, was found in SourceCodester Onlne Examination & Learning Management System 1.0. Affected is an unknown function of the file /process_lesson.php. Such manipulation of the argument user_id leads to unrestricted upload.
This vulnerability is traded as CVE-2026-14775. The attack may be launched remotely. Furthermore, there is an exploit available.
The name of the affected product appears to have a typo in it.