GHSA-r5pv-rmw5-4xxwLowCVSS 6.3
A vulnerability was identified in code-projects Online Examination 1.0. This affects an unknown...
🔗 CVE IDs covered (1)
📋 Description
A vulnerability was identified in code-projects Online Examination 1.0. This affects an unknown part of the file /update.php?q=addquiz of the component Quiz Creation Feature. The manipulation of the argument name/total/right/wrong/time/tag/desc leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used.
🔗 References (8)
- https://nvd.nist.gov/vuln/detail/CVE-2026-14706
- https://code-projects.org
- https://github.com/zzzxc643/CVE1/blob/main/project1/vul3.md
- https://vuldb.com/cve/CVE-2026-14706
- https://vuldb.com/submit/847386
- https://vuldb.com/vuln/376302
- https://vuldb.com/vuln/376302/cti
- https://github.com/advisories/GHSA-r5pv-rmw5-4xxw