SourceCodester Class and Exam Timetabling System preview6.php sql injection

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0/6.php. This impacts an unknown function of the file /preview6.php. Executing a manipulation of the argument course_year_section can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.

Basic Information

ID CVE-2026-13486

Source VulDB

Published Jun 28, 2026 at 09:45

Affected Product

Vendor SourceCodester

Product Class and Exam Timetabling System

Version 1.0

Affected Versions SourceCodester Class and Exam Timetabling System 1.0
SourceCodester Class and Exam Timetabling System 6.php

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0/6.php. This impacts an unknown function of the file /preview6.php. Executing a manipulation of the argument course_year_section can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.",
    "published": "2026-06-28T09:45:09.097Z",
    "modified": "2026-06-28T09:45:09.097Z",
    "type": "cve",
    "title": "SourceCodester Class and Exam Timetabling System preview6.php sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/374483\nhttps://vuldb.com/vuln/374483/cti\nhttps://vuldb.com/cve/CVE-2026-13486\nhttps://vuldb.com/submit/838188\nhttps://github.com/lffaker/cybersec/issues/5\nhttps://www.sourcecodester.com/",
    "id": "CVE-2026-13486",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "SourceCodester Class and Exam Timetabling System 1.0\nSourceCodester Class and Exam Timetabling System 6.php",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Class and Exam Timetabling System",
    "version": "1.0",
    "vendor": "SourceCodester",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

SourceCodester Class and Exam Timetabling System preview6.php sql injection_CVE-2026-13486