PT-2026-7005 · Code Projects · Online Examination System

Imcoming

Published

2026-02-08

Updated

2026-02-09

CVE-2026-2173

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions code-projects Online Examination System version 1.0

Description A flaw exists in the Online Examination System that allows for SQL injection through the manipulation of the username and password arguments in the login.php file. This issue can be exploited remotely.

Recommendations Apply input validation and sanitization to the username and password parameters in the login.php file.

Fix

SQL injection

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89CWE-74

Related Identifiers

CVE-2026-2173

Affected Products

Online Examination System

PT-2026-7005 · Code Projects · Online Examination System

CVE-2026-2173

Weakness Enumeration

Related Identifiers

Affected Products

References · 10