CVE-2026-14777
A weakness has been identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this issue is some unknown
CVSS
6.3
Medium
EPSS
0.2%
p12
KEV
—
Exploit Today
4
0-100
Published: Jul 6, 2026 · Last modified: Jul 6, 2026 · CWE-284 · CWE-434
0.2%EPSS · 30 days0.2%
2026-07-062026-07-17
A weakness has been identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this issue is some unknown functionality of the file /announcements.php. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. The name of the affected product appears to have a typo in it.
- github.comhttps://github.com/nuiifornet/A033/blob/main/OE-LMS-RCE-3-announcements.md
- vuldb.comhttps://vuldb.com/cve/CVE-2026-14777
- vuldb.comhttps://vuldb.com/submit/850679
- vuldb.comhttps://vuldb.com/vuln/376367
- vuldb.comhttps://vuldb.com/vuln/376367/cti
- www.sourcecodester.comhttps://www.sourcecodester.com/
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-562909.8 CRI85.4%
KEV—76Joomlack Page Builder Improper Access Control Vulnerability10dCVE-2026-489089.8 CRI72.6%
KEV—72JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability10dCVE-2026-489399.8 CRI71.5%
KEV—71iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability7dCVE-2026-562919.8 CRI53.7%
KEV—66Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability7dCVE-2023-388368.8 HIG99.3%
——30File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks.9dCVE-2023-464747.2 HIG97.3%
——29File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted PHP file uploaded to the start_import.php file.9d