<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Sourcecodester - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/tags/sourcecodester/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Sun, 05 Jul 2026 09:18:49 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/tags/sourcecodester/feed.xml" rel="self" type="application/rss+xml"/><item><title>CVE-2026-14732: SQL Injection in SourceCodester Class and Exam Timetabling System</title><link>https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14732-sql-injection/</link><pubDate>Sun, 05 Jul 2026 09:18:49 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14732-sql-injection/</guid><description>A critical SQL injection vulnerability (CVE-2026-14732) in SourceCodester Class and Exam Timetabling System 1.0 allows remote, unauthenticated attackers to execute arbitrary SQL commands via manipulation of the `ID` argument in `/edit_exam.php`, leading to data exfiltration and potential system compromise.</description><content:encoded><![CDATA[<p>A critical SQL injection vulnerability (CVE-2026-14732) has been publicly disclosed in SourceCodester Class and Exam Timetabling System version 1.0. This flaw, residing in the <code>/edit_exam.php</code> file, allows unauthenticated remote attackers to execute arbitrary SQL commands against the backend database by manipulating the <code>ID</code> argument. The vulnerability was published to NVD on July 5, 2026, with a CVSS v3.1 base score of 7.3 (High). The public disclosure of exploit details means that this vulnerability can be actively leveraged by malicious actors. Organizations using this system are at immediate risk of data compromise, unauthorized access, and potential remote code execution, making prompt remediation crucial for protecting sensitive information and maintaining system integrity. This affects any instance exposed to the internet.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>Attacker identifies an internet-facing instance of SourceCodester Class and Exam Timetabling System 1.0.</li>
<li>Attacker crafts a specially formed HTTP GET or POST request targeting the <code>/edit_exam.php</code> endpoint.</li>
<li>The request includes a malicious SQL payload within the <code>ID</code> argument (e.g., <code>id=1%27+UNION+SELECT+null,user(),null--</code>).</li>
<li>The vulnerable application processes this request without properly sanitizing the <code>ID</code> input, causing the web server to execute the attacker's embedded SQL query against its backend database.</li>
<li>The database responds to the malicious query, potentially revealing sensitive data such as user credentials, database schema, or other confidential information.</li>
<li>The web server includes the results of the SQL query within the HTTP response, allowing the attacker to exfiltrate the compromised data.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of CVE-2026-14732 can lead to severe consequences for organizations utilizing SourceCodester Class and Exam Timetabling System 1.0. Attackers can exfiltrate sensitive student and faculty data, manipulate existing records, or gain administrative access to the application. This could result in privacy breaches, academic fraud, disruption of critical scheduling operations, and reputational damage. The public availability of exploit details increases the likelihood of widespread targeting and automated attacks against vulnerable systems, posing a significant risk to affected educational institutions or internal training departments.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Patch CVE-2026-14732 on all affected SourceCodester Class and Exam Timetabling System 1.0 instances immediately.</li>
<li>Deploy the provided Sigma rule to your SIEM to detect exploitation attempts targeting <code>/edit_exam.php</code>.</li>
<li>Review web server access logs for <code>SourceCodester Class and Exam Timetabling System 1.0</code> for requests to <code>/edit_exam.php</code> containing suspicious <code>ID</code> parameters indicative of SQL injection.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>sql-injection</category><category>web-application</category><category>cve</category><category>sourcecodester</category><category>initial-access</category></item><item><title>CVE-2026-14719: SourceCodester Onlne Examination &amp; Learning Management System Privilege Escalation</title><link>https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14719-privesc/</link><pubDate>Sun, 05 Jul 2026 08:20:00 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14719-privesc/</guid><description>A critical remote vulnerability (CVE-2026-14719) has been identified in SourceCodester Onlne Examination &amp; Learning Management System version 1.0. The flaw resides in the Registration Endpoint, specifically within the 'register.php' file, where improper privilege management allows for manipulation of the 'role' argument, leading to unauthorized privilege escalation. A public exploit for this vulnerability has been published, increasing the immediate risk of exploitation.</description><content:encoded><![CDATA[<p>A significant vulnerability, tracked as CVE-2026-14719, has been discovered in SourceCodester Onlne Examination &amp; Learning Management System version 1.0. This flaw affects the Registration Endpoint, specifically within the <code>register.php</code> file, where it exhibits improper privilege management. Attackers can exploit this by manipulating the <code>role</code> argument during user registration. This remote vulnerability can lead to privilege escalation, allowing an unauthenticated attacker to gain elevated access within the system, potentially compromising sensitive educational data or administrative functions. The severity of this issue is heightened by the fact that a public exploit has been published and is readily available for use, making it an immediate threat to organizations utilizing this system. Defenders should prioritize patching and monitoring for exploitation attempts.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li><strong>Reconnaissance</strong>: An attacker identifies a publicly accessible instance of SourceCodester Onlne Examination &amp; Learning Management System 1.0.</li>
<li><strong>Vulnerability Identification</strong>: The attacker confirms the application version and identifies the vulnerable <code>register.php</code> endpoint.</li>
<li><strong>Crafted Request</strong>: The attacker crafts an HTTP POST request to <code>/register.php</code> that includes a manipulated <code>role</code> argument within the registration data.</li>
<li><strong>Exploitation</strong>: The crafted request is sent to the vulnerable endpoint, attempting to assign an elevated <code>role</code> (e.g., 'admin', 'instructor') to a newly created user account.</li>
<li><strong>Privilege Assignment</strong>: Due to improper privilege management inherent in CVE-2026-14719, the system processes the request and creates the new user with the attacker-specified elevated <code>role</code>.</li>
<li><strong>Unauthorized Access</strong>: The attacker logs into the system using the credentials of the newly created account, now possessing administrative or other highly privileged access.</li>
<li><strong>Impact</strong>: The attacker gains full control over system functionalities, potentially accessing sensitive student records, modifying examination content, or disrupting learning operations.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>The exploitation of CVE-2026-14719 can lead to severe consequences. Attackers can achieve unauthorized privilege escalation, granting them full administrative control over the SourceCodester Onlne Examination &amp; Learning Management System. This can result in data breaches involving sensitive student or faculty information, unauthorized modification of grades or course materials, system downtime, and reputational damage for educational institutions. The public availability of an exploit significantly increases the likelihood of widespread attacks, putting all unpatched instances at immediate risk of compromise. The CVSS 3.1 Base Score of 7.3 (High) underscores the critical nature of this vulnerability.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li><strong>Patch CVE-2026-14719</strong>: Immediately apply any available patches or vendor-provided mitigations for SourceCodester Onlne Examination &amp; Learning Management System 1.0 to address CVE-2026-14719.</li>
<li><strong>Implement WAF Rules</strong>: Deploy a Web Application Firewall (WAF) to block HTTP POST requests to <code>/register.php</code> that contain suspicious <code>role</code> parameter manipulations, as indicated in the Sigma rule.</li>
<li><strong>Monitor Web Logs</strong>: Enable and review web server logs for <code>/register.php</code> access patterns, specifically looking for HTTP POST requests with a <code>role</code> argument, as described in the provided Sigma rule.</li>
<li><strong>Audit New User Registrations</strong>: Regularly audit new user registrations for the SourceCodester Onlne Examination &amp; Learning Management System, paying close attention to any accounts created with elevated or unusual privilege levels.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>privilege-escalation</category><category>web-application</category><category>cve</category><category>sourcecodester</category><category>improper-privilege-management</category></item><item><title>CVE-2026-14713 — SQL Injection in SourceCodester Pizzafy E-Commerce System</title><link>https://feed.craftedsignal.io/briefs/2026-07-pizzafy-sql-injection/</link><pubDate>Sun, 05 Jul 2026 06:26:12 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-pizzafy-sql-injection/</guid><description>A critical SQL injection vulnerability (CVE-2026-14713) exists in SourceCodester Pizzafy E-Commerce System version 1.0, allowing unauthenticated remote attackers to execute arbitrary SQL commands by manipulating the 'ID' argument in the `/admin/ajax.php?action=confirm_order` endpoint, potentially leading to data exfiltration or modification, with a public exploit available.</description><content:encoded><![CDATA[<p>A significant security flaw, tracked as CVE-2026-14713, has been identified in the SourceCodester Pizzafy E-Commerce System 1.0. This vulnerability manifests as a remote SQL injection within the <code>/admin/ajax.php</code> file, specifically when handling the <code>ID</code> argument in the <code>action=confirm_order</code> context. Threat actors can exploit this by crafting malicious HTTP requests that embed SQL queries into the <code>ID</code> parameter. The flaw allows for unauthenticated remote exploitation, meaning attackers can leverage it without prior access to the system. The existence of a public exploit for this vulnerability elevates the immediate risk, making it critical for organizations using this software to patch or implement protective measures swiftly to prevent potential data breaches, unauthorized data manipulation, or system compromise.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>Attacker identifies a publicly accessible instance of SourceCodester Pizzafy E-Commerce System 1.0.</li>
<li>Attacker crafts a specially designed HTTP GET request targeting the <code>/admin/ajax.php</code> endpoint.</li>
<li>The request includes the <code>action=confirm_order</code> parameter and a malicious SQL payload embedded within the <code>ID</code> argument (e.g., <code>ID=1 UNION SELECT @@version, user(), database()</code>).</li>
<li>The vulnerable application processes this request, failing to properly sanitize the <code>ID</code> parameter, and executes the attacker-supplied SQL query against its backend database.</li>
<li>The database management system (DBMS) processes the injected query and returns the results within the legitimate HTTP response from the web server.</li>
<li>Attacker parses the web server's response to extract sensitive information, such as database schema, user credentials, system configuration, or other confidential data.</li>
<li>The attacker continues to refine payloads to further exfiltrate, modify, or potentially corrupt data within the database, ultimately achieving data compromise.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of CVE-2026-14713 can lead to severe consequences for organizations utilizing SourceCodester Pizzafy E-Commerce System 1.0. As a remote SQL injection vulnerability, attackers can gain unauthorized access to the underlying database. This typically results in full data compromise, including exfiltration of sensitive customer data (names, addresses, payment information), administrative credentials, and other proprietary business data. Attackers could also tamper with order details, pricing, inventory, or user accounts, causing financial losses, reputational damage, and operational disruption. While the source does not specify victim count or targeted sectors, any organization deploying this specific version of the e-commerce system is at high risk.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Immediately patch SourceCodester Pizzafy E-Commerce System 1.0 to a non-vulnerable version if available.</li>
<li>Deploy the Sigma rule &quot;Detects CVE-2026-14713 Exploitation — Pizzafy SQL Injection&quot; to your SIEM/WAF and tune for your environment.</li>
<li>Enable comprehensive web server logging (category <code>webserver</code>) to capture <code>cs-uri-stem</code>, <code>cs-uri-query</code>, and <code>cs-method</code> for detailed forensic analysis.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>sql-injection</category><category>web-vulnerability</category><category>cve</category><category>sourcecodester</category><category>e-commerce</category></item><item><title>CVE-2026-14695: SourceCodester Multi-Vendor Online Grocery Management System SQL Injection</title><link>https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14695-sql-injection/</link><pubDate>Sun, 05 Jul 2026 03:17:53 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14695-sql-injection/</guid><description>A high-severity SQL injection vulnerability, CVE-2026-14695, exists in SourceCodester Multi-Vendor Online Grocery Management System 1.0, allowing remote attackers to manipulate the 'Name' argument within the `save_client` function of `classes/Users.php` to execute arbitrary SQL commands, with a public exploit available.</description><content:encoded><![CDATA[<p>A significant vulnerability, identified as CVE-2026-14695, has been discovered in SourceCodester Multi-Vendor Online Grocery Management System version 1.0. This flaw specifically affects the <code>save_client</code> function located within the <code>classes/Users.php</code> file, which is part of the Registration Handler component. Attackers can remotely exploit this weakness by manipulating the 'Name' argument, leading to a classic SQL injection scenario. The presence of a publicly available exploit significantly escalates the risk, making affected systems immediate targets for data compromise or further malicious activity. This vulnerability has a CVSS v3.1 base score of 7.3, categorizing it as high severity due to its network-exploitability and potential for data impact.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>Attacker identifies a target running <code>SourceCodester Multi-Vendor Online Grocery Management System 1.0</code> through reconnaissance.</li>
<li>Attacker crafts a malicious HTTP POST request, targeting the <code>classes/Users.php</code> file and specifically the <code>save_client</code> function.</li>
<li>The crafted request includes an SQL injection payload embedded within the 'Name' argument, designed to bypass input validation.</li>
<li>Upon receipt, the vulnerable <code>save_client</code> function processes the unsanitized 'Name' argument, directly incorporating the malicious string into a database query.</li>
<li>The malicious SQL query is then executed by the backend database, granting the attacker unauthorized access to, or manipulation of, the database contents.</li>
<li>Attacker proceeds to exfiltrate sensitive data, such as user credentials, customer information, or product details, or alters existing data for fraudulent purposes.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>The successful exploitation of CVE-2026-14695 can lead to severe consequences for organizations utilizing SourceCodester Multi-Vendor Online Grocery Management System 1.0. Attackers can gain unauthorized access to critical backend databases, potentially compromising sensitive customer data including names, addresses, purchase history, and even authentication credentials. This breach can result in significant financial losses, reputational damage, regulatory penalties (e.g., GDPR, CCPA violations), and disruption of business operations. The public availability of an exploit increases the likelihood of widespread targeting.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li><strong>Patch CVE-2026-14695 immediately:</strong> Apply any available patches or vendor-provided updates for SourceCodester Multi-Vendor Online Grocery Management System 1.0 to address the SQL injection vulnerability.</li>
<li><strong>Implement Web Application Firewall (WAF) rules:</strong> Configure WAFs to detect and block SQL injection attempts, specifically looking for common SQLi patterns in POST requests targeting <code>classes/Users.php</code> and the 'Name' argument.</li>
<li><strong>Conduct code review and input validation:</strong> Perform a thorough security audit of the <code>save_client</code> function in <code>classes/Users.php</code> and all other input handling components to ensure proper sanitization and parameterized queries are used.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>sql-injection</category><category>web-vulnerability</category><category>cve</category><category>sourcecodester</category><category>data-theft</category></item><item><title>CVE-2026-14690: Improper Authorization in SourceCodester Multi-Vendor Online Grocery Management System</title><link>https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14690-sourcecodester/</link><pubDate>Sun, 05 Jul 2026 02:19:33 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14690-sourcecodester/</guid><description>A high-severity improper authorization vulnerability (CVE-2026-14690) in the `save_users` function of SourceCodester Multi-Vendor Online Grocery Management System 1.0 allows remote unauthenticated attackers to manipulate user accounts, potentially leading to privilege escalation or unauthorized access, with a public exploit readily available.</description><content:encoded><![CDATA[<p>A significant security flaw, tracked as CVE-2026-14690, has been identified in SourceCodester Multi-Vendor Online Grocery Management System version 1.0. This vulnerability specifically resides within the <code>save_users</code> function located in the <code>classes/Users.php</code> file. The weakness stems from improper authorization controls, allowing an attacker to bypass security checks and manipulate user accounts. Remote exploitation is possible, meaning attackers do not need prior access to the system or user credentials. A public exploit has been made available, increasing the urgency for immediate remediation. For defenders, this vulnerability represents a critical risk of unauthorized access, privilege escalation, and potential compromise of the online grocery management system, including sensitive customer and transactional data.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>An unauthenticated remote attacker identifies the vulnerable SourceCodester Multi-Vendor Online Grocery Management System 1.0 instance.</li>
<li>The attacker crafts a malicious HTTP POST request targeting the <code>/classes/Users.php</code> endpoint to invoke the <code>save_users</code> function.</li>
<li>Due to the improper authorization flaw, the application fails to adequately verify the attacker's privileges or authentication status for the <code>save_users</code> operation.</li>
<li>The attacker leverages this bypass to create a new administrative user account or modify the roles/privileges of an existing low-privileged user.</li>
<li>With the newly acquired or elevated administrative credentials, the attacker logs into the system.</li>
<li>The attacker gains full administrative control over the Multi-Vendor Online Grocery Management System, potentially leading to data exfiltration, system defacement, or further compromise of the underlying server.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of CVE-2026-14690 would grant unauthorized administrative access to the Multi-Vendor Online Grocery Management System. This direct compromise could lead to severe consequences, including the theft of sensitive customer information (e.g., personal data, order history), financial transaction manipulation, alteration of product inventories, or complete disruption of the online grocery platform. While specific victim counts are not available, any organization utilizing this vulnerable software is at risk of significant reputational damage, financial loss, and regulatory penalties due to data breaches and service interruptions.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Immediately apply any available patches or security updates from SourceCodester for the Multi-Vendor Online Grocery Management System 1.0 to address CVE-2026-14690.</li>
<li>Review access logs for <code>/classes/Users.php</code> for any unauthorized or suspicious POST requests that occurred prior to applying the patch for CVE-2026-14690.</li>
<li>Perform an audit of user accounts, especially administrative accounts, for any newly created or modified users since the system's deployment or the disclosure of CVE-2026-14690, investigating any anomalous entries.</li>
<li>Refer to the provided references (<a href="https://vuldb.com/cve/CVE-2026-14690">https://vuldb.com/cve/CVE-2026-14690</a>, <a href="https://github.com/lee945/cve/issues/1">https://github.com/lee945/cve/issues/1</a>) for further details on the vulnerability and potential mitigation strategies.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>vulnerability</category><category>web-application</category><category>improper-authorization</category><category>cve</category><category>sourcecodester</category></item><item><title>CVE-2026-14654: Remote SQL Injection in SourceCodester Simple and Nice Shopping Cart Script</title><link>https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14654-sqli/</link><pubDate>Sat, 04 Jul 2026 21:20:52 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14654-sqli/</guid><description>A remote, unauthenticated SQL injection vulnerability (CVE-2026-14654) in SourceCodester Simple and Nice Shopping Cart Script 1.0 allows attackers to manipulate the `user_id` argument via `/admin/girlsproductdeletequery.php`, leading to database compromise, data exfiltration, or unauthorized access, with an exploit publicly available.</description><content:encoded><![CDATA[<p>A critical SQL injection vulnerability, identified as CVE-2026-14654, has been discovered in version 1.0 of the SourceCodester Simple and Nice Shopping Cart Script. This flaw specifically affects an unknown function within the <code>/admin/girlsproductdeletequery.php</code> file, where improper neutralization of special elements in the <code>user_id</code> argument leads to SQL injection. The vulnerability allows a remote and unauthenticated attacker to inject malicious SQL commands into database queries. The exploit for this vulnerability is publicly available, increasing the likelihood of its use in the wild. This poses a significant risk to organizations utilizing the affected software, enabling potential unauthorized access, data manipulation, or even remote code execution if the underlying database user has elevated privileges. The vulnerability was published on July 4, 2026.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>An attacker identifies an internet-facing instance of SourceCodester Simple and Nice Shopping Cart Script 1.0.</li>
<li>The attacker crafts a malicious HTTP GET or POST request to the <code>/admin/girlsproductdeletequery.php</code> endpoint.</li>
<li>The request includes specially constructed SQL injection payloads within the <code>user_id</code> parameter, such as <code>' OR 1=1--</code> or <code>UNION SELECT ...</code>.</li>
<li>The vulnerable application processes the <code>user_id</code> argument without adequate sanitization, causing the injected SQL commands to be executed by the backend database.</li>
<li>Successful injection allows the attacker to bypass authentication, query sensitive database information (e.g., user credentials, product details), modify existing data, or delete records.</li>
<li>Depending on the database system and the privileges of the database user account, the attacker may escalate the SQL injection to achieve remote code execution (RCE) on the underlying web server.</li>
<li>If RCE is successful, the attacker can establish persistent access mechanisms, such as deploying web shells or other backdoors.</li>
<li>The final objective often includes data exfiltration, website defacement, or broader compromise of the hosting infrastructure.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of CVE-2026-14654 can lead to severe consequences for affected organizations. Attackers can gain unauthorized access to the application's database, allowing for the theft of sensitive customer and product information, modification of order details, or deletion of critical data. While specific victim counts or targeted sectors are not available, any organization using SourceCodester Simple and Nice Shopping Cart Script 1.0 is at risk. The publicly available exploit further exacerbates the threat, making it easier for malicious actors to compromise systems and disrupt business operations.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Immediately patch SourceCodester Simple and Nice Shopping Cart Script 1.0 if an official update is available, or remove the affected component from internet exposure.</li>
<li>Deploy the Sigma rule &quot;Detect CVE-2026-14654 Exploitation - SQL Injection in Shopping Cart Script&quot; to your SIEM for early detection of exploitation attempts.</li>
<li>Monitor web server access logs for requests targeting <code>/admin/girlsproductdeletequery.php</code> that contain unusual or suspicious characters and SQL keywords as described in the detection rule.</li>
<li>Review the references provided, particularly <a href="https://github.com/Yuesswor/cve/issues/4">https://github.com/Yuesswor/cve/issues/4</a> and <a href="https://vuldb.com/vuln/376167">https://vuldb.com/vuln/376167</a>, for potential workarounds or additional mitigation details.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>sql-injection</category><category>web-vulnerability</category><category>cve</category><category>sourcecodester</category><category>shopping-cart</category></item><item><title>SQL Injection in SourceCodester Class and Exam Timetabling System (CVE-2026-14641)</title><link>https://feed.craftedsignal.io/briefs/2026-07-sql-injection-sourcecodester/</link><pubDate>Sat, 04 Jul 2026 19:23:20 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-sql-injection-sourcecodester/</guid><description>A critical vulnerability, CVE-2026-14641, in SourceCodester Class and Exam Timetabling System version 1.0 allows for remote SQL injection via the 'ID' argument in the '/edit_course.php' file, enabling unauthenticated attackers to manipulate database queries with a publicly disclosed exploit.</description><content:encoded><![CDATA[<p>A high-severity SQL injection vulnerability, tracked as CVE-2026-14641, has been identified in SourceCodester Class and Exam Timetabling System version 1.0. This flaw allows unauthenticated, remote attackers to execute arbitrary SQL commands by manipulating the 'ID' argument within the <code>/edit_course.php</code> file. The vulnerability stems from improper neutralization of special elements in SQL commands, specifically CWE-89. The exploit has been publicly disclosed and is actively available, increasing the risk of widespread exploitation. This vulnerability enables attackers to potentially read, modify, or delete data from the backend database, compromising data confidentiality and integrity. Defenders should prioritize patching and implementing robust input validation to mitigate this threat.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>An unauthenticated attacker crafts a malicious HTTP GET request targeting the <code>/edit_course.php</code> endpoint of the vulnerable SourceCodester Class and Exam Timetabling System.</li>
<li>The crafted request includes a specially malformed <code>ID</code> parameter in the URL query string, containing SQL injection payloads (e.g., <code>ID=1%27%20UNION%20SELECT%20...</code>).</li>
<li>The vulnerable <code>/edit_course.php</code> script processes the <code>ID</code> parameter without proper input sanitization or validation.</li>
<li>The application directly embeds the malicious <code>ID</code> parameter's value into a backend SQL query.</li>
<li>The database server executes the manipulated SQL query, which may bypass intended logic and allow the attacker to retrieve sensitive information or modify data.</li>
<li>The web server responds to the attacker's request, potentially disclosing sensitive database content (e.g., user credentials, system configurations, application data) within the HTTP response body.</li>
<li>The attacker parses the HTTP response to extract the compromised data, achieve data exfiltration, or modify database records.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of CVE-2026-14641 can lead to significant data breaches, where attackers can read, modify, or delete sensitive information stored in the application's database. This includes user accounts, academic records, scheduling data, and potentially administrative credentials. While specific victim counts are not available, the widespread use of SourceCodester systems in educational settings suggests that successful attacks could impact student and staff privacy, disrupt academic operations, and lead to reputational damage for affected institutions. The CVSS 3.1 score of 7.3 (High) indicates low impact on confidentiality, integrity, and availability, but SQL injection commonly leads to more severe consequences like full database compromise or even arbitrary code execution under certain configurations.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Prioritize patching SourceCodester Class and Exam Timetabling System to a non-vulnerable version immediately to address CVE-2026-14641.</li>
<li>Deploy the provided Sigma rule to your SIEM solution to detect exploitation attempts against the <code>/edit_course.php</code> endpoint.</li>
<li>Ensure webserver logging (category: <code>webserver</code>) is enabled and configured to capture full HTTP request details, especially <code>cs-uri-stem</code> and <code>cs-uri-query</code>, to enable the rule.</li>
<li>Implement web application firewalls (WAFs) with rules designed to detect and block SQL injection payloads targeting HTTP GET parameters.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>sql-injection</category><category>web-application</category><category>cve</category><category>sourcecodester</category><category>php</category></item></channel></rss>