Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.9
SourceCodester Student Result Management System 1.0: Remote DoS via Manipulated User ID
CVE-2026-2984
Summary
A web application flaw in SourceCodester Student Result Management System 1.0 allows an attacker to crash the system by manipulating a user ID. This could lead to system downtime and data loss. Update the software to the latest version to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| munyweki | student_result_management_system | 1.0 | – |
Original title
A vulnerability was identified in SourceCodester Student Result Management System 1.0. This affects an unknown function of the file /admin/core/drop_user.php. Such manipulation of the argument ID l...
Original description
A vulnerability was identified in SourceCodester Student Result Management System 1.0. This affects an unknown function of the file /admin/core/drop_user.php. Such manipulation of the argument ID leads to denial of service. The attack can be executed remotely. The exploit is publicly available and might be used.
nvd CVSS2.0
6.4
nvd CVSS3.1
6.5
nvd CVSS4.0
6.9
Vulnerability type
CWE-404
- https://github.com/Shaon-Xis/SRMS-1.0---Unauthenticated-SMTP-Hijacking-to-Accoun... Exploit Mitigation Third Party Advisory
- https://vuldb.com/?ctiid.347367 Permissions Required VDB Entry
- https://vuldb.com/?id.347367 Third Party Advisory VDB Entry
- https://vuldb.com/?submit.756136 Third Party Advisory VDB Entry
- https://www.sourcecodester.com/ Product
Published: 23 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026