CVE-2026-14775

Severity CVSS v4.0:
LOW
Type:
CWE-284 Improper Access Control
Publication date:
05/07/2026
Last modified:
05/07/2026

Description

A vulnerability was identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected is an unknown function of the file /process_lesson.php. Such manipulation of the argument user_id leads to unrestricted upload. The attack may be launched remotely. The exploit is publicly available and might be used. The name of the affected product appears to have a typo in it.