ГлавнаяУязвимости → CVE-2026-2938
7.3высокая

CVE-2026-2938

Описание

A vulnerability has been found in SourceCodester Student Result Management System 1.0. The affected element is an unknown function of the file /srms/script/admin/core/update_smtp.php. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Затрагиваемое ПО
Munyweki Student result management system
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://github.com/Shaon-Xis/SRMS-1.0---Unauthenticated-SMTP-Hijacking-to-Account-Takeoverhttps://vuldb.com/?ctiid.347310https://vuldb.com/?id.347310https://vuldb.com/?submit.755345https://www.sourcecodester.com/