A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used.
Exploit
CVE-2026-11471
NVD
Refer to CVE-2026-11471 NVD advisory