
CVE-2025-10602: SQL Injection in SourceCodester Online Exam Form Submission

Medium
Published: Wed Sep 17 2025 (09/17/2025, 17:02:06 UTC)
Source: CVE Database V5
Vendor/Project: SourceCodester
Product: Online Exam Form Submission

Description

A vulnerability was found in SourceCodester Online Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/delete_s1.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used.

AI-Powered Analysis

Last updated: 09/17/2025, 17:07:22 UTC

Technical Analysis

CVE-2025-10602 is a SQL Injection vulnerability identified in SourceCodester Online Exam Form Submission version 1.0. The vulnerability exists in the /admin/delete_s1.php file, specifically through manipulation of the 'ID' parameter. This parameter is not properly sanitized, allowing an attacker to inject SQL code of their choosing. The attack can be performed remotely over the network without user interaction; the CVSS vector records low privileges (PR:L), so an account with low-level access to the application is assumed. The vulnerability allows an attacker to execute arbitrary SQL commands on the backend database, potentially leading to unauthorized data access, data modification, or deletion. The CVSS 4.0 score is 5.3 (medium severity), reflecting the fact that while the attack vector is network-based and requires no user interaction, it does require low privileges (PR:L) and has limited impact on confidentiality, integrity, and availability (VC:L, VI:L, VA:L). Although no exploitation has been observed in the wild, proof-of-concept code has been published, increasing the likelihood of future exploitation. The vulnerability affects only version 1.0 of the product, which is a niche online exam form submission system, typically used by educational institutions or training providers to manage exam registrations and submissions. The lack of patches or vendor-provided fixes at the time of publication means that affected organizations must rely on mitigation strategies until an official update is released.

Potential Impact

For European organizations, especially educational institutions and training centers using SourceCodester Online Exam Form Submission 1.0, this vulnerability poses a significant risk. Exploitation could lead to unauthorized access to sensitive student data, exam records, and administrative information. This could result in data breaches violating GDPR requirements, leading to regulatory penalties and reputational damage. Additionally, manipulation or deletion of exam data could disrupt academic operations, affecting exam integrity and availability of services. Since the vulnerability is remotely exploitable with only low privileges, attackers could leverage it to gain a foothold in the network, potentially pivoting to other systems. The medium severity rating suggests that while the impact is not catastrophic, the risk is non-trivial and requires prompt attention to prevent data compromise and service disruption.

Mitigation Recommendations

Organizations should immediately audit their use of SourceCodester Online Exam Form Submission 1.0 and identify any exposed instances of the /admin/delete_s1.php endpoint. As no official patch is available, the following mitigations are recommended:

1) Implement Web Application Firewall (WAF) rules to detect and block SQL injection patterns targeting the 'ID' parameter.
2) Restrict access to the /admin/delete_s1.php endpoint by IP whitelisting or VPN access to limit exposure.
3) Conduct input validation and sanitization at the application level, if source code access is available, to properly handle the 'ID' parameter and prevent injection.
4) Monitor logs for suspicious SQL queries or repeated access attempts to the vulnerable endpoint.
5) Consider isolating the affected system within the network to reduce lateral movement risk.
6) Plan for an upgrade or migration to a patched or alternative solution as soon as a fix becomes available.
7) Educate administrative users about the risk and encourage strong credential management to reduce privilege misuse.
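As an added illustration of mitigation 4 (not code from the advisory, the vendor, or the affected product), the script below scans web-server access-log lines for requests to /admin/delete_s1.php whose 'ID' parameter is not a bare integer, which is the only form a record identifier for this endpoint should take, and tallies findings per client. The sample log lines are constructed for this example; the combined-log regex and the integer rule are assumptions about a typical Apache/nginx deployment.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Endpoint named in the advisory and the parameter it reads.
VULN_PATH = "/admin/delete_s1.php"
VULN_PARAM = "id"  # matched case-insensitively; the advisory spells it 'ID'

# Simplified Apache/nginx combined-format line: client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def is_plain_integer(value: str) -> bool:
    """A record ID for this endpoint should be a bare non-negative integer; anything else is suspect."""
    return re.fullmatch(r"\d{1,10}", value) is not None

def inspect_line(line: str):
    """Return a finding for a request to the vulnerable endpoint with a malformed ID, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None  # not a parseable access-log line
    parts = urlsplit(m.group("target"))
    if parts.path != VULN_PATH:
        return None  # other endpoints are out of scope for this rule
    # parse_qs percent-decodes values, so the check sees what the application would see.
    for name, values in parse_qs(parts.query, keep_blank_values=True).items():
        if name.lower() != VULN_PARAM:
            continue
        for v in values:
            if not is_plain_integer(v):
                return {"client": m.group("client"), "time": m.group("time"),
                        "id": v, "status": m.group("status")}
    return None

def scan_log(lines):
    """All findings across a sequence of log lines, in order."""
    return [f for f in (inspect_line(line) for line in lines) if f]

def findings_by_client(lines):
    """Count findings per client address, to surface repeated attempts from one source."""
    counts = {}
    for f in scan_log(lines):
        counts[f["client"]] = counts.get(f["client"], 0) + 1
    return counts

# Constructed sample lines (documentation-range addresses, not from any real system).
SAMPLE_LOG = [
    '198.51.100.7 - - [17/Sep/2025:17:10:01 +0000] "GET /admin/delete_s1.php?ID=42 HTTP/1.1" 302 0',
    '198.51.100.7 - - [17/Sep/2025:17:10:05 +0000] "GET /admin/delete_s1.php?ID=42%27 HTTP/1.1" 500 0',
    '203.0.113.9 - - [17/Sep/2025:17:11:30 +0000] "GET /admin/delete_s1.php?ID=1%20OR%201%3D1 HTTP/1.1" 302 0',
    '203.0.113.9 - - [17/Sep/2025:17:12:00 +0000] "GET /admin/index.php?page=list%27 HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
    print(findings_by_client(SAMPLE_LOG))
```

A 500 response following a malformed ID, as in the second sample line, is worth correlating with database error logs, since it often indicates the injected value reached the query.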


Technical Details

Data Version
5.1
Assigner Short Name
VulDB
Date Reserved
2025-09-17T06:46:29.370Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 68caeaaf82663edd1bdc0673

Added to database: 9/17/2025, 5:06:55 PM

Last enriched: 9/17/2025, 5:07:22 PM

Last updated: 9/17/2025, 5:33:59 PM

