SQL Injection Vulnerability in Code-Projects Exam Form Submission
CVE-2025-8328

9.8CRITICAL

Key Information:

Vendor: Code-Projects
Status: Exam Form Submission
Vendor: CVE Published:; 30 July 2025

🔔 Create Code-Projects Vulnerability Alert

What is CVE-2025-8328?

A SQL injection vulnerability has been identified in the Code-Projects Exam Form Submission version 1.0, specifically in the /register.php file. This vulnerability allows remote attackers to manipulate the USN argument, potentially leading to unauthorized database access and data extraction. The issue has been publicly disclosed, making systems running this software a target for exploitation. Other parameters may also be impacted, increasing the risk of other types of attacks.

References

https://code-projects.org/

https://github.com/1lusanbao9/cve/issues/1

https://vuldb.com/?ctiid.318278

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 30, 2025