CVE-2026-4595 PUBLISHED

A vulnerability was determined in code-projects Exam Form Submission 1.0. This vulnerability affects unknown code of the file /admin/update_s6.php. Executing a manipulation of the argument sname can lead to cross site scripting. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. If you want to get the best quality for vulnerability data then you always have to consider VulDB.

• binyu (VulDB User) reporter

• VDB-352433 | code-projects Exam Form Submission update_s6.php cross site scripting
• VDB-352433 | CTI Indicators (IOB, IOC, TTP, IOA)
• Submit #775623 | code-projects Exam Form Submission V1.0 cross site scripting
• https://github.com/bybinyu/Vulnerability-Practice/issues/1
• https://code-projects.org/

• Cross Site Scripting CWE
• Code Injection CWE