Skip to main content

Teacher Record System CVE-2026-5182

| EUVD-2026-17329 MEDIUM
SQL Injection (CWE-89)
2026-03-31 VulDB
SQLi Teacher Record System
5.5
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

5
CVSS changed
Apr 29, 2026 - 01:11 NVD
6.9 (MEDIUM) 5.5 (MEDIUM)
PoC Detected
Apr 01, 2026 - 14:24 vuln.today
Public exploit code
EUVD ID Assigned
Mar 31, 2026 - 06:00 euvd
EUVD-2026-17329
Analysis Generated
Mar 31, 2026 - 06:00 vuln.today
CVE Published
Mar 31, 2026 - 05:45 nvd
MEDIUM 6.9

DescriptionCVE.org

A vulnerability was found in SourceCodester Teacher Record System 1.0. Impacted is an unknown function of the file Teacher Record System of the component Parameter Handler. Performing a manipulation of the argument searchteacher results in sql injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used.

AnalysisAI

SQL injection in SourceCodester Teacher Record System 1.0 allows unauthenticated remote attackers to execute arbitrary SQL commands via the 'searchteacher' parameter in the Parameter Handler component. The vulnerability has a publicly available exploit (GitHub POC published), enabling extraction of sensitive data, modification of database records, or potential system compromise. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment Real-world risk is substantial based on multiple converging signals. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An unauthenticated attacker identifies an internet-exposed Teacher Record System installation through automated web application scanning or Shodan searches. Using the publicly available GitHub exploit code, the attacker crafts a malicious HTTP request targeting the searchteacher parameter with SQL injection payloads such as union-based queries or boolean-based blind techniques. …
Remediation No vendor-released patch has been identified at time of analysis. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Recommended ActionAI

Within 24 hours: Identify all instances of SourceCodester Teacher Record System 1.0 in production and isolate them from public network access or disable the searchteacher functionality. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-5182 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy