All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-13521
MEDIUMpublished 2026-06-29 02:16 UTC · 15 hours ago
5.5
CVSS / 10
// description
A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0/5.php. Affected by this vulnerability is an unknown functionality of the file /preview5.php. Such manipulation of the argument course_year_section leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.
// weaknesses (CWE)
- CWE-74
- CWE-89