CVE-2026-14698

Severity CVSS v4.0:
LOW
Type:
CWE-284 Improper Access Control
Publication date:
05/07/2026
Last modified:
06/07/2026

Description

A security flaw has been discovered in SourceCodester Syllabus-Aligned Learning Management and Examination System 1.0. Impacted is an unknown function of the file upload_files.php. Performing a manipulation results in unrestricted upload. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.