Back to overview

CVE-2026-14608

MEDIUM
4.3
CVSS 3.1
Description
A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=view_student of the component POST Handler. The manipulation of the argument ID leads to authorization bypass. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.

Metadata

CVE ID
CVE-2026-14608
State
PUBLISHED
Assigner
VulDB
Reserved
2026-07-03 13:56 UTC
Published
2026-07-03 20:00 UTC
Last updated
2026-07-03 20:00 UTC
Primary CWE
CWE-639
Authorization Bypass
Vendor / Product
SourceCodester / CET Automated Grading System with AI Predictive Analytics
Sources
cve.org  ·  NVD

Severity & Metrics

4.3 MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R
Affected products (1)
VendorProductPlatformVersions
SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0
Weakness (CWE)
CWESourceDescription
CWE-285 cna Improper Authorization
CWE-639 cna Authorization Bypass
CVSS scores (4)
ScoreSeverityVersionSourceVector
5.3 MEDIUM 4.0 cna CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
4.3 MEDIUM 3.1 cna CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R
4.3 MEDIUM 3.0 cna CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R
4.0 N/D 2.0 cna AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR
References (5)
Back to overview