CVE-2026-9583
4.3 MEDIUMA weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0
Published: 2026-05-26 · Last updated: 2026-05-28
Severity and scoring
- CVSS
- 4.3 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
- CWE
- CWE-200, CWE-209
Description
A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of the component SQL Handler. Executing a manipulation can lead to information exposure through error message. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-9583
- [Other]https://github.com/NARKHEDE-VAIBHAV/poc/blob/main/CVE-2026-9583-Information-Disclosure/Advisory.md
- [Other]https://github.com/NARKHEDE-VAIBHAV/poc/blob/main/CVE-2026-9583-Information-Disclosure/poc.sh
- [Other]https://vuldb.com/submit/817932
- [Other]https://vuldb.com/vuln/365639
- [Other]https://vuldb.com/vuln/365639/cti
- [Other]https://www.sourcecodester.com/
- [Other]https://github.com/NARKHEDE-VAIBHAV/poc/blob/main/CVE-2026-9583-Information-Disclosure/poc.sh
Related CVEs
Same CWE
- CVE-2026-12117 — Improper access control in the social login connection endpoint in Devolutions Server 2026.2.5 allows an authenticated vault member to ...
- CVE-2026-12320 — Information disclosure in the Password Manager component (4.3 MEDIUM)
- CVE-2026-12311 — Information disclosure, sandbox escape in the Security: Process Sandboxing component (4.7 MEDIUM)
- CVE-2026-50870 — An information disclosure vulnerability in the configuration endpoint of Ben Busby whoogle-search v1.2.3 allows attackers to obtain sensi... (7.5 HIGH)
- CVE-2026-39007 — An issue in Observeinc's Observe v.2026-01-28 and before allows a remote attacker to obtain sensitive information via the CSV Log export ... (7.5 HIGH)