Name of the Vulnerable Software and Affected Versions:

code-projects Exam Form Submission version 1.0

Description:

A critical issue exists in code-projects Exam Form Submission 1.0. The vulnerability is due to the manipulation of the `ID` argument in the `/admin/delete s6.php` file, leading to a SQL injection. This allows for remote exploitation. The exploit has been publicly disclosed.

Recommendations:

As a temporary workaround, restrict access to the `/admin/delete s6.php` file until a fix is available.

Sanitize the `ID` argument before using it in any SQL queries.