CVE-2026-12529
Received Received - Intake
Improper Access Control in CET Automated Grading System

Publication date: 2026-06-17

Last updated on: 2026-06-17

Assigner: VulDB

Description
A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. Affected is an unknown function of the file /index.php of the component Student Self-Registration Endpoint. The manipulation leads to improper access controls. Remote exploitation of the attack is possible.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-17
Last Modified
2026-06-17
Generated
2026-06-18
AI Q&A
2026-06-18
EPSS Evaluated
N/A
NVD
CVE-2026-12529
EUVD
EUVD-2026-37780
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
sourcecodester cet_automated_grading_system 1.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CWE-266 A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0, specifically in an unknown function within the /index.php file related to the Student Self-Registration Endpoint.

The issue involves improper access controls, which means that the system does not correctly restrict or verify user permissions.

Because of this flaw, an attacker can remotely exploit the system to gain unauthorized access or perform actions they should not be allowed to.

Impact Analysis

The vulnerability can lead to unauthorized access to the system through the Student Self-Registration Endpoint.

This improper access control can allow attackers to potentially view, modify, or manipulate data they should not have access to.

Such unauthorized actions could compromise the integrity, confidentiality, and availability of the system and its data.

Compliance Impact

The vulnerability in SourceCodester CET Automated Grading System 1.0 involves improper access controls in the Student Self-Registration Endpoint, which can be remotely exploited.

Such improper access controls could potentially lead to unauthorized access to personal or sensitive data, which may impact compliance with standards and regulations like GDPR or HIPAA that require strict access controls and protection of personal data.

However, specific impacts on compliance with these regulations are not detailed in the provided information.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-12529. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart