6.9
/ 10
MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Description
A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /preview3.php. The manipulation of the argument course_year_section leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used.
Basic Information
ID
CVE-2026-13566
Source
VulDB
Published
Jun 29, 2026 at 12:15
Affected Product
Vendor
SourceCodester
Product
Class and Exam Timetabling System
Version
1.0
Affected Versions
SourceCodester Class and Exam Timetabling System 1.0