CVE-2026-1423

MEDIUM

Fabian Online Examination System - Improper Access Control

Title source: rule
STIX 2.1

Description

A vulnerability was determined in code-projects Online Examination System 1.0. Affected by this issue is some unknown functionality of the file /admin_pic.php. Executing a manipulation can lead to unrestricted upload. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.

References (5)

Scores

CVSS v3 6.3
EPSS 0.0002
EPSS Percentile 4.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-284 CWE-434
Status published
Products (1)
fabian/online_examination_system 1.0
Published Jan 26, 2026
Tracked Since Feb 18, 2026