CVE-2025-12262 MEDIUM

CVE-2025-12262: code-projects Online Event Judging System edit_criteria.php sql injection

Vendor Code-Projects

Product Online Event Judging System

Weakness CWE-89 · SQLi

Published October 27, 2025

Last update October 27, 2025

View on NVD All CVEs

CVSS base score

5.3/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A vulnerability was determined in code-projects Online Event Judging System 1.0. This impacts an unknown function of the file /edit_criteria.php. Executing manipulation of the argument crit_id can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.

Key dates

02Disclosure timeline

October 27, 2025 CVE published

October 27, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-12262

Related vulnerabilities

04Related CVE

CVE-2026-5681 itsourcecode sanitize or validate this input Parameter borrowedequip.php sql injection CVE-2023-2051 Campcodes Advanced Online Voting System positions_row.php sql injection CVE-2025-30979 WordPress Pixelating image slideshow gallery plugin <= 8.0 - SQL Injection Vulnerability CVE-2025-6418 code-projects Simple Online Hotel Reservation System edit_query_account.php sql injection CVE-2024-7117 MD-MAFUJUL-HASAN Online-Payroll-Management-System shift_viewmore.php sql injection