A vulnerability has been found in SourceCodester Class and Exam Timetabling System 1.0 and classified as critical . Affected by this issue is some unknown functionality of the file /preview3.php . The manipulation of the argument course_year_section leads to sql injection. This vulnerability is listed as CVE-2026-13566 . The attack may be initiated remotely. In addition, an exploit is available.