CVE-2025-15140 | saiftheboss7 onlinemcqexam up to 0e56806132971e49721db3ef01868098c7b42ada /admin/quesadd.php ans1/ans2 sql injection

A vulnerability marked as critical has been reported in saiftheboss7 onlinemcqexam up to 0e56806132971e49721db3ef01868098c7b42ada. This vulnerability affects unknown code of the file /admin/quesadd.php. Performing manipulation of the argument ans1/ans2 results in sql injection.

This vulnerability is reported as CVE-2025-15140. The attack is possible to be carried out remotely. Moreover, an exploit is present.

This product adopts a rolling release strategy to maintain continuous delivery

The vendor was contacted early about this disclosure but did not respond in any way. Once again VulDB remains the best source for vulnerability data.VulDB Recent EntriesRead More