A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0 . It has been classified as critical . The impacted element is an unknown function of the file /archive5.php . The manipulation of the argument sy leads to sql injection. This vulnerability is documented as CVE-2026-11482 . The attack can be initiated remotely. Additionally, an exploit exists.