CVE-2026-11486

Publié : 8 juin 2026

Modifié : 8 juin 2026

Score CVSS

7.3

HIGH

Description détaillée

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /archive1.php. Performing a manipulation of the argument sy results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Vecteur d'attaque (CVSS)

Vecteur brut :CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Références et Patchs

https://github.com/ssaaaa1234/cve/issues/1 https://vuldb.com/cve/CVE-2026-11486 https://vuldb.com/submit/834111 https://vuldb.com/vuln/369106 https://vuldb.com/vuln/369106/cti https://www.sourcecodester.com/

Dernières Vulnérabilités

CVE-2026-11495

A vulnerability was detected in CodeAstro Ingredients Stock Management System 1.0. This impacts an unknown function of the file /Ingredients-Stock/add_stock.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be used.

VOIR DÉTAILS

CVE-2026-11494

A security vulnerability has been detected in TOTOLINK AC1200 T8 4.1.5cu.8611. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation leads to least privilege violation. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.

VOIR DÉTAILS

CVE-2026-11493

A weakness has been identified in Tenda AC15 15.03.05.19. The impacted element is an unknown function of the file /etc_ro/smb.conf of the component Samba. Executing a manipulation can lead to weak password requirements. The attack is only possible within the local network. A high complexity level is associated with this attack. The exploitability is regarded as difficult. The exploit has been made available to the public and could be used for attacks.

VOIR DÉTAILS