CVE-2026-14719
SourceCodester Onlne Examination & Learning Management System Registration Endpoint register.php privileges management
Vexday Risk Score
10Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.9EPSS —KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
05 Jul 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A flaw has been found in SourceCodester Onlne Examination & Learning Management System 1.0. The impacted element is an unknown function of the file register.php of the component Registration Endpoint. Executing a manipulation of the argument role can lead to improper privilege management. The attack can be executed remotely. The exploit has been published and may be used. The name of the affected product appears to have a typo in it.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Affected products
SourceCodester · Onlne Examination & Learning Management System