CVE-2025-9610
Severity
6.9MEDIUM
EPSS
0.0%
top 90.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
PublishedAug 29
Description
A vulnerability was determined in code-projects Online Event Judging System 1.0. This issue affects some unknown processing of the file /create_account.php. This manipulation of the argument fname causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. Other parameters might be affected as well.
CVSS vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N