<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Onlne Examination &amp; Learning Management System 1.0 - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/products/onlne-examination--learning-management-system-1.0/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Mon, 06 Jul 2026 00:22:41 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/products/onlne-examination--learning-management-system-1.0/feed.xml" rel="self" type="application/rss+xml"/><item><title>CVE-2026-14778: Improper Authorization in SourceCodester Onlne Examination &amp; Learning Management System</title><link>https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14778-sourcecodester/</link><pubDate>Mon, 06 Jul 2026 00:22:41 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14778-sourcecodester/</guid><description>A high-severity improper authorization vulnerability (CVE-2026-14778) exists in SourceCodester Onlne Examination &amp; Learning Management System version 1.0, allowing remote attackers to bypass authorization checks by manipulating the `student_id`, `schedule_id`, or `action` arguments in `/ajax_enroll.php`, potentially leading to unauthorized access or actions.</description><content:encoded><![CDATA[<p>The National Vulnerability Database (NVD) has published a high-severity vulnerability, CVE-2026-14778, affecting SourceCodester Onlne Examination &amp; Learning Management System version 1.0. This flaw resides in an unspecified part of the <code>/ajax_enroll.php</code> component, specifically within the Enrollment Management functionality. Attackers can exploit this by manipulating the <code>student_id</code>, <code>schedule_id</code>, or <code>action</code> arguments, which leads to improper authorization. This allows remote attackers to bypass intended access controls and perform unauthorized actions within the system. The vulnerability has been publicly disclosed, increasing the risk of widespread exploitation. Defenders should prioritize patching and monitoring for exploitation attempts, as unauthorized access could lead to significant data breaches or system compromise.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li><strong>Initial Access / Reconnaissance</strong>: An unauthenticated remote attacker identifies a SourceCodester Onlne Examination &amp; Learning Management System 1.0 instance, potentially by scanning for known web application paths.</li>
<li><strong>Vulnerability Identification</strong>: The attacker targets the <code>/ajax_enroll.php</code> endpoint, recognizing its role in enrollment management.</li>
<li><strong>Parameter Manipulation</strong>: The attacker crafts HTTP POST or GET requests to <code>/ajax_enroll.php</code>, specifically manipulating the <code>student_id</code>, <code>schedule_id</code>, or <code>action</code> parameters with unexpected or malicious values.</li>
<li><strong>Authorization Bypass</strong>: The vulnerable system processes these manipulated parameters without adequate authorization checks, failing to properly validate the attacker's permissions or the legitimacy of the request.</li>
<li><strong>Unauthorized Action</strong>: Due to the improper authorization, the system executes the requested action as if the attacker possessed legitimate privileges (e.g., enrolling a student, modifying a schedule, or other administrative functions).</li>
<li><strong>Impact on System Integrity/Confidentiality</strong>: The attacker successfully gains unauthorized access to sensitive functionalities or data, leading to data modification, unauthorized data exposure, or full system compromise.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>The successful exploitation of CVE-2026-14778 could lead to significant unauthorized access and data integrity issues. Attackers could enroll or unenroll students, modify examination schedules, or alter learning materials without legitimate credentials. This could disrupt educational operations, compromise the integrity of academic records, or expose sensitive student and course data. While no specific victim count or targeted sectors are currently identified, any organization using SourceCodester Onlne Examination &amp; Learning Management System 1.0 is at risk.</p>
<h2 id="recommendation">Recommendation</h2>
<ol>
<li>Apply any available patches or vendor advisories immediately for SourceCodester Onlne Examination &amp; Learning Management System 1.0 to address CVE-2026-14778.</li>
<li>Enable comprehensive webserver access logging to monitor for suspicious requests to <code>/ajax_enroll.php</code> that manipulate parameters related to <code>student_id</code>, <code>schedule_id</code>, or <code>action</code>.</li>
<li>Implement Web Application Firewall (WAF) rules to detect and block anomalous requests targeting the <code>student_id</code>, <code>schedule_id</code>, or <code>action</code> parameters within requests to <code>/ajax_enroll.php</code>.</li>
</ol>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>web-vulnerability</category><category>improper-authorization</category><category>cve</category></item><item><title>CVE-2026-14719: SourceCodester Onlne Examination &amp; Learning Management System Privilege Escalation</title><link>https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14719-privesc/</link><pubDate>Sun, 05 Jul 2026 08:20:00 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14719-privesc/</guid><description>A critical remote vulnerability (CVE-2026-14719) has been identified in SourceCodester Onlne Examination &amp; Learning Management System version 1.0. The flaw resides in the Registration Endpoint, specifically within the 'register.php' file, where improper privilege management allows for manipulation of the 'role' argument, leading to unauthorized privilege escalation. A public exploit for this vulnerability has been published, increasing the immediate risk of exploitation.</description><content:encoded><![CDATA[<p>A significant vulnerability, tracked as CVE-2026-14719, has been discovered in SourceCodester Onlne Examination &amp; Learning Management System version 1.0. This flaw affects the Registration Endpoint, specifically within the <code>register.php</code> file, where it exhibits improper privilege management. Attackers can exploit this by manipulating the <code>role</code> argument during user registration. This remote vulnerability can lead to privilege escalation, allowing an unauthenticated attacker to gain elevated access within the system, potentially compromising sensitive educational data or administrative functions. The severity of this issue is heightened by the fact that a public exploit has been published and is readily available for use, making it an immediate threat to organizations utilizing this system. Defenders should prioritize patching and monitoring for exploitation attempts.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li><strong>Reconnaissance</strong>: An attacker identifies a publicly accessible instance of SourceCodester Onlne Examination &amp; Learning Management System 1.0.</li>
<li><strong>Vulnerability Identification</strong>: The attacker confirms the application version and identifies the vulnerable <code>register.php</code> endpoint.</li>
<li><strong>Crafted Request</strong>: The attacker crafts an HTTP POST request to <code>/register.php</code> that includes a manipulated <code>role</code> argument within the registration data.</li>
<li><strong>Exploitation</strong>: The crafted request is sent to the vulnerable endpoint, attempting to assign an elevated <code>role</code> (e.g., 'admin', 'instructor') to a newly created user account.</li>
<li><strong>Privilege Assignment</strong>: Due to improper privilege management inherent in CVE-2026-14719, the system processes the request and creates the new user with the attacker-specified elevated <code>role</code>.</li>
<li><strong>Unauthorized Access</strong>: The attacker logs into the system using the credentials of the newly created account, now possessing administrative or other highly privileged access.</li>
<li><strong>Impact</strong>: The attacker gains full control over system functionalities, potentially accessing sensitive student records, modifying examination content, or disrupting learning operations.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>The exploitation of CVE-2026-14719 can lead to severe consequences. Attackers can achieve unauthorized privilege escalation, granting them full administrative control over the SourceCodester Onlne Examination &amp; Learning Management System. This can result in data breaches involving sensitive student or faculty information, unauthorized modification of grades or course materials, system downtime, and reputational damage for educational institutions. The public availability of an exploit significantly increases the likelihood of widespread attacks, putting all unpatched instances at immediate risk of compromise. The CVSS 3.1 Base Score of 7.3 (High) underscores the critical nature of this vulnerability.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li><strong>Patch CVE-2026-14719</strong>: Immediately apply any available patches or vendor-provided mitigations for SourceCodester Onlne Examination &amp; Learning Management System 1.0 to address CVE-2026-14719.</li>
<li><strong>Implement WAF Rules</strong>: Deploy a Web Application Firewall (WAF) to block HTTP POST requests to <code>/register.php</code> that contain suspicious <code>role</code> parameter manipulations, as indicated in the Sigma rule.</li>
<li><strong>Monitor Web Logs</strong>: Enable and review web server logs for <code>/register.php</code> access patterns, specifically looking for HTTP POST requests with a <code>role</code> argument, as described in the provided Sigma rule.</li>
<li><strong>Audit New User Registrations</strong>: Regularly audit new user registrations for the SourceCodester Onlne Examination &amp; Learning Management System, paying close attention to any accounts created with elevated or unusual privilege levels.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>privilege-escalation</category><category>web-application</category><category>cve</category><category>sourcecodester</category><category>improper-privilege-management</category></item></channel></rss>