📄 Description (English)
A vulnerability has been found in SourceCodester Student Result Management System 1.0. The affected element is an unknown function of the file /srms/script/admin/core/update_smtp.php. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
🤖 AI Executive Summary
CVE-2026-2938 is a high-severity improper access control vulnerability in SourceCodester Student Result Management System 1.0 affecting the SMTP configuration module. The vulnerability allows remote attackers to manipulate SMTP settings without proper authorization, potentially enabling email spoofing, credential theft, or system compromise. With public exploit availability and patch confirmation, immediate remediation is critical for educational institutions and organizations using this system.
📄 Description (Arabic)
🤖 AI Intelligence Analysis Analyzed: May 5, 2026 19:31
🇸🇦 Saudi Arabia Impact Assessment
This vulnerability poses significant risk to Saudi educational institutions, particularly universities and schools using this system for student management. Secondary impact extends to government education sector (Ministry of Education), healthcare institutions with student/staff management modules, and any organization managing sensitive educational data. The improper access control on SMTP configuration could enable attackers to intercept communications, modify system notifications, or establish persistence. Organizations in the education sector and those subject to CITC/NCA oversight face compliance violations if exploited.
🏢 Affected Saudi Sectors
Education (Universities, Schools, Training Centers)
Government (Ministry of Education, Educational Administration)
Healthcare (Hospital student/staff management)
Private Sector (Corporate training departments)
🎯 MITRE ATT&CK Techniques
⚖️ Saudi Risk Score (AI)
7.8
/ 10.0
🔧 Remediation Steps (English)
IMMEDIATE ACTIONS:
1. Identify all instances of Student Result Management System 1.0 in your environment using network scanning tools
2. Restrict network access to /srms/script/admin/core/update_smtp.php using WAF rules or firewall ACLs
3. Implement IP whitelisting for administrative access to the SRMS application
4. Review SMTP configuration logs for unauthorized modifications
5. Monitor email traffic for anomalies or spoofed messages
PATCHING:
1. Apply the available patch immediately to all affected instances
2. Test patch in staging environment before production deployment
3. Verify SMTP functionality post-patch
4. Document patch application and testing results
COMPENSATING CONTROLS (if patching delayed):
1. Implement authentication verification on all admin functions
2. Deploy Web Application Firewall (WAF) rules to block direct access to update_smtp.php
3. Enable detailed logging and alerting for SMTP configuration changes
4. Implement rate limiting on administrative endpoints
5. Use reverse proxy to enforce additional authentication layers
DETECTION:
1. Monitor for POST/GET requests to /srms/script/admin/core/update_smtp.php
2. Alert on SMTP configuration changes without proper admin session
3. Track failed authentication attempts to admin functions
4. Monitor outbound SMTP connections for unauthorized relay attempts
🔧 خطوات المعالجة (العربية)
الإجراءات الفورية:
1. تحديد جميع نسخ نظام إدارة نتائج الطلاب 1.0 في بيئتك باستخدام أدوات المسح
2. تقييد الوصول إلى /srms/script/admin/core/update_smtp.php باستخدام قواعد WAF أو قوائم التحكم بالوصول
3. تطبيق قائمة بيضاء للعناوين IP للوصول الإداري
4. مراجعة سجلات إعدادات SMTP للتعديلات غير المصرح بها
5. مراقبة حركة البريد الإلكتروني للكشف عن الحالات الشاذة
التصحيح:
1. تطبيق التصحيح المتاح فوراً على جميع النسخ المتأثرة
2. اختبار التصحيح في بيئة التطوير قبل النشر في الإنتاج
3. التحقق من وظائف SMTP بعد التصحيح
4. توثيق تطبيق التصحيح ونتائج الاختبار
الضوابط البديلة:
1. تطبيق التحقق من المصادقة على جميع الوظائف الإدارية
2. نشر قواعد WAF لحظر الوصول المباشر إلى update_smtp.php
3. تفعيل السجلات والتنبيهات التفصيلية لتغييرات إعدادات SMTP
4. تطبيق تحديد معدل على نقاط النهاية الإدارية
5. استخدام وكيل عكسي لفرض طبقات مصادقة إضافية
الكشف:
1. مراقبة طلبات POST/GET إلى /srms/script/admin/core/update_smtp.php
2. التنبيه على تغييرات إعدادات SMTP بدون جلسة إدارية صحيحة
3. تتبع محاولات المصادقة الفاشلة للوظائف الإدارية
4. مراقبة اتصالات SMTP الصادرة للمحاولات غير المصرح بها
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
ECC 2024 A.9.1.1 - Access control policy and procedures
ECC 2024 A.9.2.1 - User registration and access rights management
ECC 2024 A.9.4.3 - Password management
ECC 2024 A.14.2.1 - Secure development policy
🔵 SAMA CSF
SAMA CSF ID.AC-1 - Access Control Policy
SAMA CSF PR.AC-1 - Processes and procedures for access management
SAMA CSF DE.CM-1 - Detection and monitoring of unauthorized access
🟡 ISO 27001:2022
ISO 27001:2022 A.5.15 - Access control
ISO 27001:2022 A.8.1 - User endpoint devices
ISO 27001:2022 A.8.3 - Access control
ISO 27001:2022 A.9.2 - User access management
🟣 PCI DSS v4.0.1
PCI DSS 2.1 - Change default passwords
PCI DSS 6.2 - Security patches and updates
PCI DSS 7.1 - Restrict access to cardholder data
🔗 References & Sources 5
🔗
https://github.com/Shaon-Xis/SRMS-1.0---Unauthenticated-SMTP-Hijacking-to-Account-Takeover
cna@vuldb.com
Exploit
Third Party Advisory
🔗
https://vuldb.com/?ctiid.347310
cna@vuldb.com
Permissions Required
VDB Entry
🔗
https://vuldb.com/?id.347310
cna@vuldb.com
Third Party Advisory
VDB Entry
🔗
https://vuldb.com/?submit.755345
cna@vuldb.com
Third Party Advisory
VDB Entry
🔗
https://www.sourcecodester.com/
cna@vuldb.com
Product
📦 Affected Products / CPE 1 entries
munyweki:student_result_management_system:1.0