CVE-2026-14776
Last modified
CVE-2026-14776 is a medium-severity vulnerability rated 6.3/10 on the CVSS scale. A security flaw has been discovered in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this vulnerability is the function pathinfo of the file /upload_files.php of the component Filename Extension. EPSS estimates a 0.21% chance of exploitation in the next 30 days.
Description
A security flaw has been discovered in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this vulnerability is the function pathinfo of the file /upload_files.php of the component Filename Extension. Performing a manipulation results in unrestricted upload. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. The name of the affected product appears to have a typo in it.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weakness Enumeration
Affected Software
Source: CNA advisory (CVE.org). NVD analysis pending.
| Vendor | Product | Versions |
|---|---|---|
| SourceCodester | Onlne Examination & Learning Management System | 1.0 |
References
Timeline
- Published
- Last Modified
- Status
- Deferred
Frequently Asked Questions
What is CVE-2026-14776?
How severe is CVE-2026-14776?
How do I fix CVE-2026-14776?
Related CVEs from 2026
- CVE-2026-14770A vulnerability was detected in SourceCodester Class and Exa…7.3
- CVE-2026-14771A flaw has been found in SourceCodester Class and Exam Timet…7.3
- CVE-2026-14772A vulnerability has been found in SourceCodester Class and E…7.3
- CVE-2026-14773A vulnerability was found in itsourcecode Hospital Managemen…6.3
- CVE-2026-14774A vulnerability was determined in itsourcecode Hospital Mana…6.3
- CVE-2026-14775A vulnerability was identified in SourceCodester Onlne Exami…6.3
- CVE-2026-14777A weakness has been identified in SourceCodester Onlne Exami…6.3
- CVE-2026-14778A security vulnerability has been detected in SourceCodester…7.3
- CVE-2026-1478An out-of-band SQL injection vulnerability (OOB SQLi) has be…7.5
- CVE-2026-14781A flaw exists in the org.keycloak.broker.oidc package where …4.8
- CVE-2026-14783A vulnerability was determined in NousResearch hermes-agent …4.3
- CVE-2026-14784A vulnerability was identified in vxcontrol PentAGI up to 2.…6.3
Are you affected by CVE-2026-14776?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
