CVE-2026-5649

MEDIUM

code-projects Online Application System for Admission Endpoint admsnform.php sql injection

Title source: cna

Description

A vulnerability has been found in code-projects Online Application System for Admission 1.0. This issue affects some unknown processing of the file /enrollment/admsnform.php of the component Endpoint. Such manipulation leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.

References (5)

Scores

CVSS v3 6.3
EPSS 0.0001
EPSS Percentile 1.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-74 CWE-89
Status published
Products (1)
code-projects/Online Application System for Admission 1.0
Published Apr 06, 2026
Tracked Since Apr 06, 2026