CVE-2026-1422

Name of the Vulnerable Software and Affected Versions code-projects Online Examination System version 1.0

Description A flaw exists in the Online Examination System that allows for remote SQL injection. This occurs through manipulation of the User argument within the /index.php file, specifically related to the Login Page component. The exploit for this issue has been publicly disclosed.

Recommendations Apply any available updates or patches to address the SQL injection vulnerability in the /index.php file. As a temporary workaround, consider restricting or carefully validating the User input parameter to prevent malicious SQL code injection.