Dzgb

**Name of the Vulnerable Software and Affected Versions** code-projects Exam Form Submission version 1.0 **Description** A critical issue exists in code-projects Exam Form Submission 1.0 related to SQL injection. The manipulation of the `credits` argument in the processing of the file `/admin/update s3.php` can lead to a successful attack. This attack can be initiated remotely. The exploit has been publicly disclosed. **Recommendations** code-projects Exam Form Submission version 1.0: Sanitize or validate the `credits` argument to prevent SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** code-projects Exam Form Submission version 1.0 **Description** A critical vulnerability exists due to a SQL injection flaw. The issue is located in an unknown function of the file `/admin/update s4.php`. Manipulation of the `credits` argument allows for remote exploitation. The exploit has been publicly disclosed. **Recommendations** As a temporary workaround, consider restricting access to the `/admin/update s4.php` file until a fix is available. Sanitize the `credits` argument to prevent SQL injection.

**Name of the Vulnerable Software and Affected Versions** code-projects Exam Form Submission version 1.0 **Description** A vulnerability exists in code-projects Exam Form Submission 1.0 related to unrestricted file upload. The issue affects the processing of the `/register.php` file. Manipulation of the `image` argument allows for unrestricted upload, and the attack can be initiated remotely. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.