A flaw has been found in SourceCodester Online Exam Form Submission 1.0. Affected by this issue is some unknown functionality of the file /admin/update_s3.php. This manipulation of the argument credits causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used.

Related CVEs

CVE-2025-10626

Key Information

GHSA ID

GHSA-cjjh-4885-hp9h

Published

September 18, 2025 4:12 AM

Last Modified

September 18, 2025 4:12 AM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 18, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.