CVE-2026-11486

Description

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /archive1.php. Performing a manipulation of the argument sy results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

References

• https://github.com/ssaaaa1234/cve/issues/1
• https://vuldb.com/cve/CVE-2026-11486
• https://vuldb.com/submit/834111
• https://vuldb.com/vuln/369106
• https://vuldb.com/vuln/369106/cti