SQL Injection Vulnerability in Exam Form Submission by Code-Projects
CVE-2025-8273

6.9MEDIUM

Key Information:

Vendor: Code-projects
Status: Exam Form Submission
Vendor: CVE Published:; 28 July 2025

🔔 Create Code-projects Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-8273?

A vulnerability exists in the Exam Form Submission application, specifically within the /admin/update_s8.php file. This vulnerability allows an attacker to manipulate the 'credits' parameter, potentially enabling SQL injection attacks. Given its nature, the exploit can be executed remotely, posing significant risks to data integrity and security. The vulnerability has been publicly disclosed, raising concerns for users who may be at risk. Website administrators are strongly advised to update their systems promptly and review their security measures to mitigate any potential threats.

Affected Version(s)

Exam Form Submission 1.0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-8273 - Proof of Concept