Home / Vulnerability Intelligence / CVE-2026-2984

CVE-2026-2984 - Vulnerability Analysis

MediumCVSS: 6.5

Last Updated: February 24, 2026

SourceCodester Student Result Management System - Denial of Service

Published: February 23, 2026Updated: February 24, 2026PoC AvailableRemote Exploitable

Overview

SourceCodester Student Result Management System 1.0 contains a denial of service caused by manipulation of the "ID" argument in /admin/core/drop_user.php, letting remote attackers cause service disruption, exploit requires no special privileges.

Severity & Score

Severity: Medium

CVSS Score: 6.5

Impact

Remote attackers can cause denial of service, disrupting availability of the system.

Mitigation

Update to the latest version or apply vendor patches if available.

References

https://vuldb.com/?submit.756136
https://www.sourcecodester.com/
https://github.com/Shaon-Xis/SRMS-1.0---Unauthenticated-SMTP-Hijacking-to-Account-Takeover#vulnerability-3-unauthenticated-arbitrary-account-deletion-dos
https://vuldb.com/?ctiid.347367
https://vuldb.com/?id.347367

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-2984
Severity: Medium
CVSS Score: 6.5
Type: undefined
Status: confirmed

CWE

CWE-404

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L