CVE-2024-4912

Name of the Vulnerable Software and Affected Versions Campcodes Online Examination System version 1.0

Description A critical issue has been found in the system, affecting the file addExamExe.php. The manipulation of the examTitle argument leads to SQL injection. It is possible to initiate the attack remotely. The issue has been publicly disclosed and may be exploited.

Recommendations For Campcodes Online Examination System version 1.0, consider restricting access to the addExamExe.php file until a patch is available. As a temporary workaround, avoid using the examTitle argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.