Description
A vulnerability was identified in code-projects Online Examination 1.0. This affects an unknown part of the file /update.php?q=addquiz of the component Quiz Creation Feature. The manipulation of the argument name/total/right/wrong/time/tag/desc leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Sun, 05 Jul 2026 06:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was identified in code-projects Online Examination 1.0. This affects an unknown part of the file /update.php?q=addquiz of the component Quiz Creation Feature. The manipulation of the argument name/total/right/wrong/time/tag/desc leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used. | |
| Title | code-projects Online Examination Quiz Creation Feature update.php sql injection | |
| First Time appeared |
Code-projects
Code-projects online Examination |
|
| Weaknesses | CWE-74 CWE-89 |
|
| CPEs | cpe:2.3:a:code-projects:online_examination:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Code-projects
Code-projects online Examination |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-05T05:00:08.778Z
Reserved: 2026-07-04T05:55:12.927Z
Link: CVE-2026-14706
No data.
No data.
No data.
OpenCVE Enrichment
No data.