CVE-2026-14698

Summary

A security flaw has been discovered in SourceCodester Syllabus-Aligned Learning Management and Examination System 1.0. Impacted is an unknown function of the file upload_files.php. Performing a manipulation results in unrestricted upload. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.

Affected Software

VendorProductVersion RangeStatus
SourceCodesterSyllabus-Aligned Learning Management and Examination System1.0affected

Weaknesses

  • CWE-434: Unrestricted Upload
  • CWE-284: Improper Access Controls

References