CVE-2026-14719
HIGHCVSS v3.1: 7.3 · EPSS: 0.0029 (20.6 percentile)
Source data as of:
At a glance
- Severity
- HIGH
- CVSS
- 7.3 v3.1 · NVD
- EPSS
- 0.0029 (20.6 percentile) · FIRST.org
- CISA KEV
- No
- Type
- Privilege Management · NVD CWE
- Attack conditions (CVSS vector)
- NetworkNo privilegesNo user interaction · Source: NVD Vector
- Published
- 2026-07-05 · Modified: 2026-07-05
- References
- Jump to references (6)
CVSS / EPSS / KEV
Source — CVSS: NVD · EPSS: FIRST.org · KEV: CISA. Data & Sources
Description
A flaw has been found in SourceCodester Onlne Examination & Learning Management System 1.0. The impacted element is an unknown function of the file register.php of the component Registration Endpoint. Executing a manipulation of the argument role can lead to improper privilege management. The attack can be executed remotely. The exploit has been published and may be used. The name of the affected product appears to have a typo in it.
References
Reference URLs as listed by NVD, grouped by a mechanical match on the link's host/pattern. Labels describe the link type only.
- Reference https://pastebin.com/Z4i5MGxk
- Reference https://vuldb.com/cve/CVE-2026-14719
- Reference https://vuldb.com/submit/847515
- Reference https://vuldb.com/vuln/376307
- Reference https://vuldb.com/vuln/376307/cti
- Reference https://www.sourcecodester.com/