CVE-2026-11552

Published: Giu 08, 2026 Last Modified: Giu 08, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 5,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Confidentiality: N/A
Integrity: N/A
Availability: N/A
MEDIUM 5,3
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: low
Integrity: none
Availability: none
MEDIUM 5,0
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: none
Confidentiality: partial
Integrity: none
Availability: none

Description

AI Translation Available

A vulnerability has been found in SourceCodester Onlne Examination & Learning Management System and Syllabus-aligned Learning Management and Examination System 1.0. Affected by this issue is some unknown functionality of the file import_users.php. The manipulation of the argument raw_password with the input CICT_2026 leads to use of hard-coded password. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is distributed under two entirely different names.

259

Use of Hard-coded Password

Draft
Abstraction: Variant Structure: Simple
Common Consequences
Security Scopes Affected:
Access Control
Potential Impacts:
Gain Privileges Or Assume Identity Hide Activities Reduce Maintainability
Applicable Platforms
Technologies: ICS/OT
Likelihood of Exploit: High
View CWE Details
https://vuldb.com/cve/CVE-2026-11552
https://vuldb.com/cve/CVE-2026-11552
https://vuldb.com/submit/836751
https://vuldb.com/submit/836751
https://vuldb.com/vuln/369162
https://vuldb.com/vuln/369162
https://vuldb.com/vuln/369162/cti
https://vuldb.com/vuln/369162/cti
https://www.sourcecodester.com/
https://www.sourcecodester.com/