CVE-2026-11552

5.3 MEDIUM

A vulnerability has been found in SourceCodester Onlne Examination & Learning Management System and Syllabus-aligned Learning Management ...

Published: 2026-06-08 · Last updated: 2026-06-09

Severity and scoring

CVSS: 5.3 MEDIUM
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE: CWE-255, CWE-259

Description

A vulnerability has been found in SourceCodester Onlne Examination & Learning Management System and Syllabus-aligned Learning Management and Examination System 1.0. Affected by this issue is some unknown functionality of the file import_users.php. The manipulation of the argument raw_password with the input CICT_2026 leads to use of hard-coded password. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is distributed under two entirely different names.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-11552
[Other]https://vuldb.com/cve/CVE-2026-11552
[Other]https://vuldb.com/submit/836751
[Other]https://vuldb.com/vuln/369162
[Other]https://vuldb.com/vuln/369162/cti
[Other]https://www.sourcecodester.com/

Related CVEs

Same CWE

CVE-2026-11515 — A vulnerability has been found in SourceCodester Barangay Resident Profiling and Information Management System 1.0 (5.3 MEDIUM)
CVE-2026-35905 — T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 were discovered to contain a hardcoded password for root acce... (9.8 CRITICAL)
CVE-2026-22055 — Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perf...
CVE-2026-22054 — Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to ...
CVE-2026-7251 — Eppendorf BioFlo 320 is vulnerable due to VNC server using a hard-coded password (9.8 CRITICAL)