CVE-2026-4578

CVE-2026-4578 affects code-projects Exam Form Submission 1.0. The vulnerability is in the unknown function of /admin/update_s3.php, where manipulating the sname argument can lead to cross-site scripting. The attack can be launched remotely, and public disclosure of the exploit is noted. No remedi...

CVE-2026-4578 code-projects Exam Form Submission update_s3.php cross site scripting

A vulnerability was determined in code-projects Exam Form Submission 1.0. The impacted element is an unknown function of the file /admin/updates3.php. Executing a manipulation of the argument sname can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicl...

CVE-2025-10626 SourceCodester Online Exam Form Submission update_s3.php sql injection

A flaw has been found in SourceCodester Online Exam Form Submission 1.0. Affected by this issue is some unknown functionality of the file /admin/updates3.php. This manipulation of the argument credits causes sql injection. Remote exploitation of the attack is possible. The exploit has been...

Man-in-the-Middle (MitM)

Moodle is vulnerable to man-in-the-middle MitM attacks. The repository/s3/S3.php does not verify that the host is secure before curling to it. This can allow a malicious user to conduct a MitM attack...