SQL Injection Vulnerability in Sourcecodester Online Exam System by Sourcecodester
CVE-2025-28087

9.8CRITICAL

Key Information:

Vendor: Sourcecodester
Status: Sourcecodester Online Exam System
Vendor: CVE Published:; 28 March 2025

Summary

The Sourcecodester Online Exam System 1.0 contains a vulnerability that allows for SQL Injection through the dash.php file. This flaw can be exploited by attackers to manipulate database queries, potentially leading to unauthorized data access or data corruption. It is essential for users to implement security measures to safeguard their systems against such vulnerabilities.

References

https://www.yuque.com/morysummer/vx41bz/vxhdpdeavzvtvdqq

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 28, 2025