PT-2025-47879 · Code Projects · Question Paper Generator
Yudeshui
·
Published
2025-11-24
·
Updated
2025-11-24
·
CVE-2025-13583
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
code-projects Question Paper Generator version 1.0
Description
A flaw exists in code-projects Question Paper Generator 1.0 related to the POST Parameter Handler component and the
/signupscript.php file. Manipulation of the Fname argument can result in SQL injection. This issue is remotely exploitable, and details about the exploit are publicly available.Recommendations
Apply any available updates or patches to address the SQL injection issue in the
/signupscript.php file. As a temporary workaround, consider sanitizing the Fname input to prevent SQL injection attacks.Exploit
Fix
Special Elements Injection
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Question Paper Generator