CVE-2026-4557

MEDIUM

code-projects Exam Form Submission update_s1.php cross site scripting

Title source: cna

Description

A vulnerability was detected in code-projects Exam Form Submission 1.0. This impacts an unknown function of the file /admin/update_s1.php. Performing a manipulation of the argument sname results in cross site scripting. The attack may be initiated remotely. The exploit is now public and may be used.

References (5)

Scores

CVSS v3 4.3
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Details

CWE
CWE-94 CWE-79
Status published
Products (1)
code-projects/Exam Form Submission < 1.0
Published Mar 22, 2026
Tracked Since Mar 22, 2026