CVE-2026-10620

EUVD-2026-34023
A flaw has been found in code-projects Student Admission System 1.0. Affected is an unknown function of the file /index.php. This manipulation of the argument eid/did causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used.
Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Common Weakness Enumeration
References
https://code-projects.org/
https://github.com/Xu-Zhihan/CVE/issues/12
https://github.com/Xu-Zhihan/CVE/issues/13
https://vuldb.com/cve/CVE-2026-10620
https://vuldb.com/submit/829586
https://vuldb.com/submit/829606
https://vuldb.com/vuln/367928
https://vuldb.com/vuln/367928/cti