code-projects Exam Form Submission update_fst.php cross site scripting_CVE-2026-5106

4.8 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A flaw has been found in code-projects Exam Form Submission 1.0. The impacted element is an unknown function of the file /admin/update_fst.php. Executing a manipulation of the argument sname can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used.

Basic Information

ID CVE-2026-5106

Source VulDB

Published Mar 30, 2026 at 04:00

Modified Mar 30, 2026 at 14:51

Affected Product

Vendor code-projects

Product Exam Form Submission

Version 1.0

Affected Versions code-projects Exam Form Submission 1.0

CWE Classification

CWE-79 CWE-94

References

{
    "lastseen": "",
    "description": "A flaw has been found in code-projects Exam Form Submission 1.0. The impacted element is an unknown function of the file /admin/update_fst.php. Executing a manipulation of the argument sname can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used.",
    "published": "2026-03-30T04:00:18.466Z",
    "modified": "2026-03-30T14:51:54.907Z",
    "type": "cve",
    "title": "code-projects Exam Form Submission update_fst.php cross site scripting",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/354131\nhttps://vuldb.com/vuln/354131/cti\nhttps://vuldb.com/submit/780091\nhttps://github.com/sxc2044-pixel/hajimi/issues/1\nhttps://code-projects.org/",
    "id": "CVE-2026-5106",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "code-projects Exam Form Submission 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Exam Form Submission",
    "version": "1.0",
    "vendor": "code-projects",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}