A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0 . It has been declared as critical . This affects an unknown function of the file /archive4.php . The manipulation of the argument sy results in sql injection. This vulnerability is reported as CVE-2026-11483 . The attack can be launched remotely. Moreover, an exploit is present.