Skip to main content

CET Grading System EUVD-2026-31999

| CVE-2026-9583 LOW
Information Exposure (CWE-200)
2026-05-26 cna@vuldb.com GHSA-3826-wfx9-8758
PHP Information Disclosure
2.1
CVSS 4.0

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
May 26, 2026 - 21:30 vuln.today

DescriptionNVD

A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of the component SQL Handler. Executing a manipulation can lead to information exposure through error message. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks.

AnalysisAI

Information exposure via verbose SQL error messages in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0 enables authenticated remote attackers to harvest internal database details by manipulating the /index.php SQL Handler endpoint. The application returns raw SQL error output rather than sanitized application-level messages, leaking schema structure, table names, or query internals. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

EUVD-2026-31999 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy