CVE-2026-4574

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

6.3 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L                                    

Vulnerability Description

A vulnerability was detected in SourceCodester Simple E-learning System 1.0. This vulnerability affects unknown code of the component User Profile Update Handler. The manipulation of the argument firstName results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used.

Vulnerability Details

Published Date

March 23, 2026

Last Modified

March 23, 2026

CWE ID

CWE-74

Source

NVD

External References

https://github.com/meifukun/Web-Security-PoCs/blob/main/Simple-E-learning-System/SQLi-UserProfile-firstName.md
https://vuldb.com/?ctiid.352411
https://vuldb.com/?id.352411
https://vuldb.com/?submit.775182
https://www.sourcecodester.com/

CVE-2026-4574

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment