CVE-2024-12890 Information

Description

A vulnerability was found in code-projects Online Exam Mastering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /update.php?q=quiz&step=2. The manipulation of the argument eid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Reference

https://code-projects.org/ https://hackmd.io/@salt9487/B1gWdeXrkx https://vuldb.com/?ctiid.289151 https://vuldb.com/?id.289151 https://vuldb.com/?submit.467123