Description
A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0/2.php. This affects an unknown function of the file /edit_exam2.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks.
Problem types
Product status
2.php
Timeline
| 2026-07-13: | Advisory disclosed |
| 2026-07-13: | VulDB entry created |
| 2026-07-13: | VulDB entry last update |
Credits
bzdXBHu0xzWRJ (VulDB User)
References
vuldb.com/vuln/378112 (VDB-378112 | SourceCodester Class and Exam Timetabling System edit_exam2.php sql injection)
vuldb.com/vuln/378112/cti (VDB-378112 | CTI Indicators (IOB, IOC, TTP, IOA))
vuldb.com/cve/CVE-2026-15597 (CVE-2026-15597 | CVE Analysis and Report)
vuldb.com/submit/855298 (Submit #855298 | sourcecodester Class and Exam Timetabling System V1.0 SQL injection)
github.com/asdasddqwdq29-a11y/new-cve/issues/1
www.sourcecodester.com/