{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/onlne-examination--learning-management-system-1.0/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-14778"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Onlne Examination \u0026 Learning Management System 1.0"],"_cs_severities":["high"],"_cs_tags":["web-vulnerability","improper-authorization","cve"],"_cs_type":"advisory","_cs_vendors":["SourceCodester"],"content_html":"\u003cp\u003eThe National Vulnerability Database (NVD) has published a high-severity vulnerability, CVE-2026-14778, affecting SourceCodester Onlne Examination \u0026amp; Learning Management System version 1.0. This flaw resides in an unspecified part of the \u003ccode\u003e/ajax_enroll.php\u003c/code\u003e component, specifically within the Enrollment Management functionality. Attackers can exploit this by manipulating the \u003ccode\u003estudent_id\u003c/code\u003e, \u003ccode\u003eschedule_id\u003c/code\u003e, or \u003ccode\u003eaction\u003c/code\u003e arguments, which leads to improper authorization. This allows remote attackers to bypass intended access controls and perform unauthorized actions within the system. The vulnerability has been publicly disclosed, increasing the risk of widespread exploitation. Defenders should prioritize patching and monitoring for exploitation attempts, as unauthorized access could lead to significant data breaches or system compromise.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003e\u003cstrong\u003eInitial Access / Reconnaissance\u003c/strong\u003e: An unauthenticated remote attacker identifies a SourceCodester Onlne Examination \u0026amp; Learning Management System 1.0 instance, potentially by scanning for known web application paths.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eVulnerability Identification\u003c/strong\u003e: The attacker targets the \u003ccode\u003e/ajax_enroll.php\u003c/code\u003e endpoint, recognizing its role in enrollment management.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eParameter Manipulation\u003c/strong\u003e: The attacker crafts HTTP POST or GET requests to \u003ccode\u003e/ajax_enroll.php\u003c/code\u003e, specifically manipulating the \u003ccode\u003estudent_id\u003c/code\u003e, \u003ccode\u003eschedule_id\u003c/code\u003e, or \u003ccode\u003eaction\u003c/code\u003e parameters with unexpected or malicious values.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAuthorization Bypass\u003c/strong\u003e: The vulnerable system processes these manipulated parameters without adequate authorization checks, failing to properly validate the attacker's permissions or the legitimacy of the request.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnauthorized Action\u003c/strong\u003e: Due to the improper authorization, the system executes the requested action as if the attacker possessed legitimate privileges (e.g., enrolling a student, modifying a schedule, or other administrative functions).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImpact on System Integrity/Confidentiality\u003c/strong\u003e: The attacker successfully gains unauthorized access to sensitive functionalities or data, leading to data modification, unauthorized data exposure, or full system compromise.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe successful exploitation of CVE-2026-14778 could lead to significant unauthorized access and data integrity issues. Attackers could enroll or unenroll students, modify examination schedules, or alter learning materials without legitimate credentials. This could disrupt educational operations, compromise the integrity of academic records, or expose sensitive student and course data. While no specific victim count or targeted sectors are currently identified, any organization using SourceCodester Onlne Examination \u0026amp; Learning Management System 1.0 is at risk.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eApply any available patches or vendor advisories immediately for SourceCodester Onlne Examination \u0026amp; Learning Management System 1.0 to address CVE-2026-14778.\u003c/li\u003e\n\u003cli\u003eEnable comprehensive webserver access logging to monitor for suspicious requests to \u003ccode\u003e/ajax_enroll.php\u003c/code\u003e that manipulate parameters related to \u003ccode\u003estudent_id\u003c/code\u003e, \u003ccode\u003eschedule_id\u003c/code\u003e, or \u003ccode\u003eaction\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eImplement Web Application Firewall (WAF) rules to detect and block anomalous requests targeting the \u003ccode\u003estudent_id\u003c/code\u003e, \u003ccode\u003eschedule_id\u003c/code\u003e, or \u003ccode\u003eaction\u003c/code\u003e parameters within requests to \u003ccode\u003e/ajax_enroll.php\u003c/code\u003e.\u003c/li\u003e\n\u003c/ol\u003e\n","date_modified":"2026-07-06T00:22:41Z","date_published":"2026-07-06T00:22:41Z","id":"https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14778-sourcecodester/","summary":"A high-severity improper authorization vulnerability (CVE-2026-14778) exists in SourceCodester Onlne Examination \u0026 Learning Management System version 1.0, allowing remote attackers to bypass authorization checks by manipulating the `student_id`, `schedule_id`, or `action` arguments in `/ajax_enroll.php`, potentially leading to unauthorized access or actions.","title":"CVE-2026-14778: Improper Authorization in SourceCodester Onlne Examination \u0026 Learning Management System","url":"https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14778-sourcecodester/"},{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-14719"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Onlne Examination \u0026 Learning Management System 1.0"],"_cs_severities":["high"],"_cs_tags":["privilege-escalation","web-application","cve","sourcecodester","improper-privilege-management"],"_cs_type":"advisory","_cs_vendors":["SourceCodester"],"content_html":"\u003cp\u003eA significant vulnerability, tracked as CVE-2026-14719, has been discovered in SourceCodester Onlne Examination \u0026amp; Learning Management System version 1.0. This flaw affects the Registration Endpoint, specifically within the \u003ccode\u003eregister.php\u003c/code\u003e file, where it exhibits improper privilege management. Attackers can exploit this by manipulating the \u003ccode\u003erole\u003c/code\u003e argument during user registration. This remote vulnerability can lead to privilege escalation, allowing an unauthenticated attacker to gain elevated access within the system, potentially compromising sensitive educational data or administrative functions. The severity of this issue is heightened by the fact that a public exploit has been published and is readily available for use, making it an immediate threat to organizations utilizing this system. Defenders should prioritize patching and monitoring for exploitation attempts.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003e\u003cstrong\u003eReconnaissance\u003c/strong\u003e: An attacker identifies a publicly accessible instance of SourceCodester Onlne Examination \u0026amp; Learning Management System 1.0.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eVulnerability Identification\u003c/strong\u003e: The attacker confirms the application version and identifies the vulnerable \u003ccode\u003eregister.php\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCrafted Request\u003c/strong\u003e: The attacker crafts an HTTP POST request to \u003ccode\u003e/register.php\u003c/code\u003e that includes a manipulated \u003ccode\u003erole\u003c/code\u003e argument within the registration data.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eExploitation\u003c/strong\u003e: The crafted request is sent to the vulnerable endpoint, attempting to assign an elevated \u003ccode\u003erole\u003c/code\u003e (e.g., 'admin', 'instructor') to a newly created user account.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrivilege Assignment\u003c/strong\u003e: Due to improper privilege management inherent in CVE-2026-14719, the system processes the request and creates the new user with the attacker-specified elevated \u003ccode\u003erole\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnauthorized Access\u003c/strong\u003e: The attacker logs into the system using the credentials of the newly created account, now possessing administrative or other highly privileged access.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImpact\u003c/strong\u003e: The attacker gains full control over system functionalities, potentially accessing sensitive student records, modifying examination content, or disrupting learning operations.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe exploitation of CVE-2026-14719 can lead to severe consequences. Attackers can achieve unauthorized privilege escalation, granting them full administrative control over the SourceCodester Onlne Examination \u0026amp; Learning Management System. This can result in data breaches involving sensitive student or faculty information, unauthorized modification of grades or course materials, system downtime, and reputational damage for educational institutions. The public availability of an exploit significantly increases the likelihood of widespread attacks, putting all unpatched instances at immediate risk of compromise. The CVSS 3.1 Base Score of 7.3 (High) underscores the critical nature of this vulnerability.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePatch CVE-2026-14719\u003c/strong\u003e: Immediately apply any available patches or vendor-provided mitigations for SourceCodester Onlne Examination \u0026amp; Learning Management System 1.0 to address CVE-2026-14719.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImplement WAF Rules\u003c/strong\u003e: Deploy a Web Application Firewall (WAF) to block HTTP POST requests to \u003ccode\u003e/register.php\u003c/code\u003e that contain suspicious \u003ccode\u003erole\u003c/code\u003e parameter manipulations, as indicated in the Sigma rule.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMonitor Web Logs\u003c/strong\u003e: Enable and review web server logs for \u003ccode\u003e/register.php\u003c/code\u003e access patterns, specifically looking for HTTP POST requests with a \u003ccode\u003erole\u003c/code\u003e argument, as described in the provided Sigma rule.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAudit New User Registrations\u003c/strong\u003e: Regularly audit new user registrations for the SourceCodester Onlne Examination \u0026amp; Learning Management System, paying close attention to any accounts created with elevated or unusual privilege levels.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-05T08:20:00Z","date_published":"2026-07-05T08:20:00Z","id":"https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14719-privesc/","summary":"A critical remote vulnerability (CVE-2026-14719) has been identified in SourceCodester Onlne Examination \u0026 Learning Management System version 1.0. The flaw resides in the Registration Endpoint, specifically within the 'register.php' file, where improper privilege management allows for manipulation of the 'role' argument, leading to unauthorized privilege escalation. A public exploit for this vulnerability has been published, increasing the immediate risk of exploitation.","title":"CVE-2026-14719: SourceCodester Onlne Examination \u0026 Learning Management System Privilege Escalation","url":"https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14719-privesc/"}],"language":"en","title":"CraftedSignal Threat Feed - Onlne Examination \u0026 Learning Management System 1.0","version":"https://jsonfeed.org/version/1.1"}