Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.5
SourceCodester Student Result Management System stores login credentials in plain text
CVE-2026-5531
Summary
The SourceCodester Student Result Management System version 1.0 stores login credentials in a plain text file, making them accessible to unauthorized users if the system is compromised. This could allow attackers to obtain sensitive user information. Users should update to a fixed version of the software or modify their configuration to secure login credentials.
Original title
A vulnerability has been found in SourceCodester Student Result Management System 1.0. Impacted is an unknown function of the file /login_credentials.txt of the component HTTP GET Request Handler. ...
Original description
A vulnerability has been found in SourceCodester Student Result Management System 1.0. Impacted is an unknown function of the file /login_credentials.txt of the component HTTP GET Request Handler. The manipulation leads to cleartext storage in a file or on disk. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
nvd CVSS2.0
5.0
nvd CVSS3.1
5.3
nvd CVSS4.0
5.5
Vulnerability type
CWE-312
Cleartext Storage of Sensitive Information
CWE-313
Published: 5 Apr 2026 · Updated: 5 Apr 2026 · First seen: 5 Apr 2026