CVE-2026-14719
HIGH
7.3
CVSS 3.1
Description
A flaw has been found in SourceCodester Onlne Examination & Learning Management System 1.0. The impacted element is an unknown function of the file register.php of the component Registration Endpoint. Executing a manipulation of the argument role can lead to improper privilege management. The attack can be executed remotely. The exploit has been published and may be used. The name of the affected product appears to have a typo in it.
Metadata
Severity & Metrics
7.3
HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| SourceCodester | Onlne Examination & Learning Management System | — | 1.0 |
Weakness (CWE)
CVSS scores (4)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 7.5 | N/D | 2.0 | cna | AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR |
| 7.3 | HIGH | 3.1 | cna | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R |
| 7.3 | HIGH | 3.0 | cna | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R |
| 6.9 | MEDIUM | 4.0 | cna | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
References (6)
- VDB-376307 | SourceCodester Onlne Examination & Learning Management System Registration Endpoint register.php privileges management https://vuldb.com/vuln/376307
- VDB-376307 | CTI Indicators (IOB, IOC, TTP, IOA) https://vuldb.com/vuln/376307/cti
- CVE-2026-14719 | CVE Analysis and Report https://vuldb.com/cve/CVE-2026-14719
- Submit #847515 | SourceCodester (ampoldev) Online Examination & LMS (CICT Portal) by ampoldev 2026-05-25 Improper Privilege Management https://vuldb.com/submit/847515
- https://pastebin.com/Z4i5MGxk
- https://www.sourcecodester.com/