CVE-2026-13521

HIGH NVD

CVSS Score 7.3

Severity HIGH

Published Jun 29, 2026

Vendor unknown

Description

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0/5.php. Affected by this vulnerability is an unknown functionality of the file /preview5.php. Such manipulation of the argument course_year_section leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.

References

https://github.com/xiaoxuxu233/myCVE/issues/2
https://vuldb.com/cve/CVE-2026-13521
https://vuldb.com/submit/839572
https://vuldb.com/vuln/374529
https://vuldb.com/vuln/374529/cti