{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/online-examination-1.0/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-14705"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Online Examination 1.0"],"_cs_severities":["high"],"_cs_tags":["sql-injection","web-application","cve","initial-access"],"_cs_type":"advisory","_cs_vendors":["code-projects"],"content_html":"\u003cp\u003eA remote SQL injection vulnerability, identified as CVE-2026-14705, has been discovered in version 1.0 of the code-projects Online Examination web application. This flaw resides within the \u003ccode\u003ehead.php\u003c/code\u003e component, where insufficient sanitization of the \u003ccode\u003euname\u003c/code\u003e (username) and \u003ccode\u003epassword\u003c/code\u003e arguments allows an attacker to inject arbitrary SQL commands. This can lead to unauthorized data access, modification, or potential control over the database, thereby compromising the integrity and confidentiality of the examination system. The vulnerability is network-exploitable and does not require authentication, making it a significant risk. The exploit for this vulnerability has been publicly disclosed, increasing the likelihood of its utilization by malicious actors, and necessitating immediate attention from organizations running this specific software version.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn unauthenticated attacker identifies a publicly accessible instance of \u003ccode\u003ecode-projects Online Examination 1.0\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP request (GET or POST) targeting the \u003ccode\u003ehead.php\u003c/code\u003e endpoint of the application.\u003c/li\u003e\n\u003cli\u003eWithin the HTTP request, the attacker injects SQL metacharacters and commands into the \u003ccode\u003euname\u003c/code\u003e or \u003ccode\u003epassword\u003c/code\u003e parameters.\u003c/li\u003e\n\u003cli\u003eThe vulnerable \u003ccode\u003ehead.php\u003c/code\u003e script processes the request without adequately sanitizing the input fields.\u003c/li\u003e\n\u003cli\u003eThe backend database executes the attacker's injected SQL commands, often leading to authentication bypass, data exfiltration, or further database manipulation.\u003c/li\u003e\n\u003cli\u003eThe attacker gains unauthorized access to the application's functionality, database records, or potentially elevates privileges within the database context.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-14705 could lead to severe consequences for organizations using code-projects Online Examination 1.0. Attackers can bypass authentication mechanisms, access sensitive student or exam data (e.g., personally identifiable information, test scores, questions), and potentially alter or delete critical database records. This could result in data breaches, academic fraud, reputational damage, and regulatory non-compliance. Given the public disclosure of the exploit, any internet-facing instance of the affected application is at immediate risk of exploitation, potentially affecting an unknown number of educational institutions or businesses using this platform.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImmediately remove \u003ccode\u003ecode-projects Online Examination 1.0\u003c/code\u003e from production environments or apply vendor-provided patches as soon as they become available to mitigate CVE-2026-14705.\u003c/li\u003e\n\u003cli\u003eImplement strong input validation and parameterized queries for all user-supplied input, especially for the \u003ccode\u003euname\u003c/code\u003e and \u003ccode\u003epassword\u003c/code\u003e fields, to prevent SQL injection attacks.\u003c/li\u003e\n\u003cli\u003eDeploy a Web Application Firewall (WAF) in front of web applications to detect and block malicious requests attempting to exploit CVE-2026-14705, specifically looking for SQL injection payloads.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule provided in this brief to your SIEM solution to detect attempted exploitation of this vulnerability.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-05T06:25:32Z","date_published":"2026-07-05T06:25:32Z","id":"https://feed.craftedsignal.io/briefs/2026-07-code-projects-sql-injection/","summary":"A critical remote SQL injection vulnerability (CVE-2026-14705) exists in code-projects Online Examination 1.0, specifically within the `head.php` file, where manipulation of the `uname` or `password` arguments can lead to arbitrary SQL command execution, which has been publicly disclosed and can be exploited by an unauthenticated attacker.","title":"CVE-2026-14705: SQL Injection in code-projects Online Examination 1.0","url":"https://feed.craftedsignal.io/briefs/2026-07-code-projects-sql-injection/"}],"language":"en","title":"CraftedSignal Threat Feed - Online Examination 1.0","version":"https://jsonfeed.org/version/1.1"}