Name of the Vulnerable Software and Affected Versions:

code-projects Exam Form Submission version 1.0

Description:

A critical issue exists in code-projects Exam Form Submission 1.0. The vulnerability is due to a SQL injection flaw within an unknown functionality of the file `/admin/update s7.php`. Manipulation of the `credits` argument can lead to successful exploitation. The exploit for this issue has been publicly disclosed.

Recommendations:

As a temporary workaround, consider restricting access to the `/admin/update s7.php` file to minimize the risk of exploitation.

Avoid using the `credits` parameter in the affected file until the issue is resolved.