CVE-2026-9484
6.3 MEDIUMA vulnerability was determined in SourceCodester Student Grades Management System 1.0
Published: 2026-05-25 · Last updated: 2026-05-26
Severity and scoring
- CVSS
- 6.3 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
- CWE
- CWE-266, CWE-285
Description
A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected by this vulnerability is the function getClassroomStudents/removeStudentFromClassroom of the file classroom.php. Executing a manipulation of the argument classroom_id can lead to improper authorization. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-9484
- [Other]https://github.com/Jack-MRJ/Student-Grades-Management-System-Vulnerability-Report
- [Other]https://vuldb.com/submit/814038
- [Other]https://vuldb.com/submit/814039
- [Other]https://vuldb.com/submit/814042
- [Other]https://vuldb.com/vuln/365465
- [Other]https://vuldb.com/vuln/365465/cti
- [Other]https://www.sourcecodester.com/
Related CVEs
Same CWE
- CVE-2026-53862 — OpenClaw before 2026.5.12 contains a bootstrap token replay vulnerability allowing callers with pending token access to reuse tokens with... (4.2 MEDIUM)
- CVE-2026-53847 — OpenClaw before 2026.5.6 contains a privilege escalation vulnerability in the Active Memory write scope that allows Gateway operators wit... (5.4 MEDIUM)
- CVE-2026-49780 — Customer Privilege Escalation in Dokan <= 5.0.2 versions (8.8 HIGH)
- CVE-2026-49083 — Contributor Privilege Escalation in LatePoint <= 5.5.1 versions (7.5 HIGH)
- CVE-2026-49063 — Unauthenticated Privilege Escalation in Listdom <= 5.5.0 versions (7.3 HIGH)