CVE-2026-14608
MEDIUM
4.3
CVSS 3.1
Description
A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=view_student of the component POST Handler. The manipulation of the argument ID leads to authorization bypass. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
Metadata
Severity & Metrics
4.3
MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| SourceCodester | CET Automated Grading System with AI Predictive Analytics | — | 1.0 |
Weakness (CWE)
CVSS scores (4)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 5.3 | MEDIUM | 4.0 | cna | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P |
| 4.3 | MEDIUM | 3.1 | cna | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R |
| 4.3 | MEDIUM | 3.0 | cna | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R |
| 4.0 | N/D | 2.0 | cna | AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR |
References (5)
- VDB-376116 | SourceCodester CET Automated Grading System with AI Predictive Analytics POST index.php view_student authorization https://vuldb.com/vuln/376116
- VDB-376116 | CTI Indicators (IOB, IOC, IOA) https://vuldb.com/vuln/376116/cti
- CVE-2026-14608 | CVE Analysis and Report https://vuldb.com/cve/CVE-2026-14608
- Submit #844625 | https://www.sourcecodester.com/ CET Automated Grading System with AI Predictive Analytics in PHP and MySQL 1.0 Insecure Direct Object Reference (IDOR) https://vuldb.com/submit/844625
- https://www.sourcecodester.com/