A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0 . It has been rated as critical . This impacts an unknown function of the file /archive3.php . This manipulation of the argument sy causes sql injection. This vulnerability appears as CVE-2026-11484 . The attack may be initiated remotely. In addition, an exploit is available.