← back
CVE-2026-7401

SourceCodester CET Automated Grading System with AI Predictive Analytics Registration index.php register cross site scripting

CVSS 5.3 MEDIUMEPSS 0.3%CWE-79CWE-94
A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=register of the component Registration. The manipulation of the argument student_id/full_name/section/username results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
Affected products
SourceCodester · CET Automated Grading System with AI Predictive Analytics
public PoCs found1
cve_referencegithub.com/Xmyronn/Stored-XSS-in-CET-Automated-Grading-System-Student-Registration-Unauthenticated-Admin-Dashboard-.gitunverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/Xmyronn/Stored-XSS-in-CET-Automated-Grading-System-Student-Registration-Unauthenticated-Admin-Dashboard-.githttps://vuldb.com/submit/803525https://vuldb.com/vuln/360133https://vuldb.com/vuln/360133/ctihttps://www.sourcecodester.com/