code-projects Exam Form Submission admin sql injection

July 27, 2025 invoker category_cve

CVE Details

Basic Information

Title code-projects Exam Form Submission admin sql injection
Type cve
Published 2025-07-27T19:02:05.527Z
Modified 2025-07-27T19:02:05.527Z

Product Information

Vendor code-projects
Product Exam Form Submission
Version 1.0

CVSS Information

Base Score 6.9 (MEDIUM)
Attack Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

AI Analysis

AI Description A SQL injection vulnerability was discovered in the Exam Form Submission plugin version 1.0. This vulnerability allows remote attackers to inject malicious SQL code through the email argument, potentially leading to unauthorized data access or modification.
AI Severity Medium
AI Vendor code-projects
AI Product Exam Form Submission
AI Version 1.0

Affected Products

  • code-projects Exam Form Submission 1.0

Additional Information

CWE List CWE-89, CWE-74
Source VulDB

Description

A vulnerability classified as critical was found in code-projects Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/. The manipulation of the argument email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.