Skip to content
Threat Feed
high advisory

CVE-2026-14719: SourceCodester Onlne Examination & Learning Management System Privilege Escalation

A critical remote vulnerability (CVE-2026-14719) has been identified in SourceCodester Onlne Examination & Learning Management System version 1.0. The flaw resides in the Registration Endpoint, specifically within the 'register.php' file, where improper privilege management allows for manipulation of the 'role' argument, leading to unauthorized privilege escalation. A public exploit for this vulnerability has been published, increasing the immediate risk of exploitation.

A significant vulnerability, tracked as CVE-2026-14719, has been discovered in SourceCodester Onlne Examination & Learning Management System version 1.0. This flaw affects the Registration Endpoint, specifically within the register.php file, where it exhibits improper privilege management. Attackers can exploit this by manipulating the role argument during user registration. This remote vulnerability can lead to privilege escalation, allowing an unauthenticated attacker to gain elevated access within the system, potentially compromising sensitive educational data or administrative functions. The severity of this issue is heightened by the fact that a public exploit has been published and is readily available for use, making it an immediate threat to organizations utilizing this system. Defenders should prioritize patching and monitoring for exploitation attempts.

Attack Chain

  1. Reconnaissance: An attacker identifies a publicly accessible instance of SourceCodester Onlne Examination & Learning Management System 1.0.
  2. Vulnerability Identification: The attacker confirms the application version and identifies the vulnerable register.php endpoint.
  3. Crafted Request: The attacker crafts an HTTP POST request to /register.php that includes a manipulated role argument within the registration data.
  4. Exploitation: The crafted request is sent to the vulnerable endpoint, attempting to assign an elevated role (e.g., 'admin', 'instructor') to a newly created user account.
  5. Privilege Assignment: Due to improper privilege management inherent in CVE-2026-14719, the system processes the request and creates the new user with the attacker-specified elevated role.
  6. Unauthorized Access: The attacker logs into the system using the credentials of the newly created account, now possessing administrative or other highly privileged access.
  7. Impact: The attacker gains full control over system functionalities, potentially accessing sensitive student records, modifying examination content, or disrupting learning operations.

Impact

The exploitation of CVE-2026-14719 can lead to severe consequences. Attackers can achieve unauthorized privilege escalation, granting them full administrative control over the SourceCodester Onlne Examination & Learning Management System. This can result in data breaches involving sensitive student or faculty information, unauthorized modification of grades or course materials, system downtime, and reputational damage for educational institutions. The public availability of an exploit significantly increases the likelihood of widespread attacks, putting all unpatched instances at immediate risk of compromise. The CVSS 3.1 Base Score of 7.3 (High) underscores the critical nature of this vulnerability.

Recommendation

  • Patch CVE-2026-14719: Immediately apply any available patches or vendor-provided mitigations for SourceCodester Onlne Examination & Learning Management System 1.0 to address CVE-2026-14719.
  • Implement WAF Rules: Deploy a Web Application Firewall (WAF) to block HTTP POST requests to /register.php that contain suspicious role parameter manipulations, as indicated in the Sigma rule.
  • Monitor Web Logs: Enable and review web server logs for /register.php access patterns, specifically looking for HTTP POST requests with a role argument, as described in the provided Sigma rule.
  • Audit New User Registrations: Regularly audit new user registrations for the SourceCodester Onlne Examination & Learning Management System, paying close attention to any accounts created with elevated or unusual privilege levels.

Detection coverage 1

Detects CVE-2026-14719 Exploitation - Privilege Escalation via register.php role parameter

high

Detects exploitation attempts for CVE-2026-14719 where an unauthenticated attacker manipulates the `role` argument in a POST request to `register.php` to gain elevated privileges.

sigma tactics: privilege_escalation techniques: T1068 sources: webserver

Detection queries are available on the platform. Get full rules →

Indicators of compromise

1

url

TypeValue
urlhttps://pastebin.com/Z4i5MGxk