CVE-2026-2938 | SourceCodester Student Result Management System 1.0 update_smtp.php access control

Inserito da Angelo Barbosa | Feb 21, 2026 | CVE

A vulnerability marked as critical has been reported in SourceCodester Student Result Management System 1.0. The affected element is an unknown function of the file /srms/script/admin/core/update_smtp.php. The manipulation leads to improper access controls.

This vulnerability is traded as CVE-2026-2938. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2026-2938 | SourceCodester Student Result Management System 1.0 update_smtp.php access control

Post correlati

CVE-2024-32460 | FreeRDP up to 2.11.5/3.4.x Legacy GDI out-of-bounds (GHSA-4rr8-gr65-vqrr)

CVE-2024-12652 | Intumit SmartRobots Conversational AI Platform up to 7.1.x Groovy Script code injection

CVE-2024-54046 | Adobe Connect up to 11.4.7/12.6 cross site scripting (apsb24-99)

CVE-2024-4841 | parisneo lollms-webui up to 9.6 HTTP Request add_reference_to_local_model add_reference_to_local_mode path path traversal