SQL Injection Vulnerability in Code-Projects Online Examination System
CVE-2026-2173

6.9MEDIUM

Key Information:

Vendor
CVE Published:
8 February 2026

What is CVE-2026-2173?

A security vulnerability has been discovered in the Online Examination System version 1.0, specifically involving the login.php file. This issue allows for SQL injection through manipulated username/password parameters. Threat actors can exploit this vulnerability remotely, potentially compromising sensitive data within the system. It is essential for users and administrators to take immediate action to secure their installations against such attacks.

Affected Version(s)

Online Examination System 1.0

References

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

imcoming (VulDB User)
.