CVE-2025-10626 is a medium-severity SQL Injection vulnerability found in SourceCodester Online Exam Form Submission version 1.0. The vulnerability exists in the /admin/update_s3.php file, specifically in the handling of the 'credits' argument. An attacker can manipulate this parameter to inject malicious SQL code, potentially allowing unauthorized access to or modification of the backend database. The vulnerability is remotely exploitable without requiring user interaction or authentication, which increases its risk profile. The CVSS 4.0 score is 5.3, reflecting a moderate impact on confidentiality, integrity, and availability due to limited scope and partial impact on data. The vulnerability does not require privileges or user interaction but does require low privileges (PR:L), indicating that an attacker with some level of access could exploit it. The exploit has been published, increasing the likelihood of exploitation, although no confirmed active exploitation in the wild has been reported yet. The vulnerability could allow attackers to extract sensitive data, modify exam records, or disrupt the online exam system's operation, undermining the integrity and trustworthiness of the examination process.

For European organizations using SourceCodester Online Exam Form Submission 1.0, this vulnerability poses a significant risk to the confidentiality and integrity of examination data. Educational institutions, certification bodies, and training providers relying on this software could face data breaches exposing student or candidate information, exam results, or internal administrative data. Manipulation of exam records could lead to reputational damage, legal liabilities under GDPR for data breaches, and operational disruptions. The remote exploitability without user interaction or authentication means attackers could automate attacks at scale, potentially targeting multiple institutions. The partial impact on availability could also disrupt exam scheduling and administration, affecting organizational operations. Given the sensitivity of examination data and the regulatory environment in Europe, this vulnerability could have serious compliance and trust implications if exploited.

Organizations should immediately assess their use of SourceCodester Online Exam Form Submission version 1.0 and prioritize upgrading to a patched version once available. In the absence of an official patch, implement strict input validation and sanitization on the 'credits' parameter in /admin/update_s3.php to prevent SQL injection. Employ Web Application Firewalls (WAFs) with custom rules to detect and block SQL injection attempts targeting this endpoint. Restrict access to the /admin/update_s3.php file to trusted IP addresses or VPN-only access to reduce exposure. Conduct thorough security audits and penetration testing focused on SQL injection vectors in the application. Monitor logs for suspicious activity related to the 'credits' parameter and unusual database queries. Additionally, implement database least privilege principles to limit the impact of any successful injection, ensuring the database user has minimal permissions necessary. Finally, educate administrators about the risk and signs of exploitation to enable rapid response.