A vulnerability was identified in code-projects Online Examination 1.0. This affects an unknown part of the file /update.php?q=addquiz of the component Quiz Creation Feature. The manipulation of the argument name/total/right/wrong/time/tag/desc leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used.
Metrics
Affected Vendors & Products
References
History
Sun, 05 Jul 2026 06:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was identified in code-projects Online Examination 1.0. This affects an unknown part of the file /update.php?q=addquiz of the component Quiz Creation Feature. The manipulation of the argument name/total/right/wrong/time/tag/desc leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used. | |
| Title | code-projects Online Examination Quiz Creation Feature update.php sql injection | |
| First Time appeared |
Code-projects
Code-projects online Examination |
|
| Weaknesses | CWE-74 CWE-89 |
|
| CPEs | cpe:2.3:a:code-projects:online_examination:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Code-projects
Code-projects online Examination |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published: 2026-07-05T05:00:08.778Z
Updated: 2026-07-05T05:00:08.778Z
Reserved: 2026-07-04T05:55:12.927Z
Link: CVE-2026-14706
No data.
No data.
No data.