
CVE-2025-8327: SQL Injection in code-projects Exam Form Submission

Severity: Medium
Published: Wed Jul 30 2025 (07/30/2025, 17:32:05 UTC)
Source: CVE Database V5
Vendor/Project: code-projects
Product: Exam Form Submission

Description

A vulnerability classified as critical was found in code-projects Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/delete_s8.php. The manipulation of the argument ID leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

AI-Powered Analysis

Last updated: 07/30/2025, 18:02:53 UTC

Technical Analysis

CVE-2025-8327 is a critical SQL injection vulnerability identified in code-projects Exam Form Submission version 1.0. The vulnerability resides in the /admin/delete_s8.php file, specifically in the handling of the 'ID' parameter. An attacker can manipulate this parameter to inject SQL code, which is then executed by the backend database. This flaw allows remote attackers to execute arbitrary SQL commands without any authentication or user interaction, potentially leading to unauthorized data access, data modification, or deletion. The vulnerability is exploitable over the network (AV:N) with low attack complexity (AC:L), requiring no privileges (PR:N) and no user interaction (UI:N). The impact on confidentiality, integrity, and availability is rated low (VC:L, VI:L, VA:L), indicating a partial but still significant compromise of data and system stability. Although the CVSS score is 6.9 (medium severity), SQL injection vulnerabilities often carry a high risk if exploited, especially in administrative functionality. No patches or mitigations have been officially released yet, and while no known exploits are currently in the wild, public disclosure increases the risk of exploitation by threat actors. The vulnerability affects only version 1.0 of the Exam Form Submission product, a niche application likely used by educational institutions or organizations managing exam data.

Potential Impact

For European organizations, especially educational institutions and administrative bodies using the code-projects Exam Form Submission 1.0, this vulnerability poses a significant risk. Exploitation could lead to unauthorized access to sensitive exam data, manipulation or deletion of exam records, and potential disruption of exam administration processes. This could result in data breaches involving personal information of students and staff, undermining data privacy compliance obligations such as GDPR. Additionally, integrity loss of exam data could affect academic outcomes and institutional reputation. Availability impact, while limited, could still disrupt critical administrative functions. Given the remote exploitability without authentication, attackers could leverage this vulnerability to gain a foothold in the network or pivot to other systems, increasing the overall risk posture of affected organizations.

Mitigation Recommendations

Organizations should immediately audit their use of code-projects Exam Form Submission version 1.0 and identify any exposed instances of the /admin/delete_s8.php endpoint. As no official patch is currently available, the following specific mitigations are recommended:

1) Implement Web Application Firewall (WAF) rules to detect and block SQL injection patterns targeting the 'ID' parameter.
2) Restrict access to the /admin directory via network segmentation and IP allowlisting to limit exposure.
3) Employ input validation and parameterized queries or prepared statements if source code access and modification are possible.
4) Monitor logs for suspicious activity related to the vulnerable endpoint.
5) Consider temporarily disabling or restricting the vulnerable functionality until a patch is released.
6) Engage with the vendor or community for updates and patches.
7) Conduct security awareness training for administrators to recognize exploitation attempts.

These targeted actions go beyond generic advice by focusing on the specific vulnerable component and attack vector.
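As an added example (not from the advisory, VulDB, or the vendor), the following script implements the allowlist check behind recommendations 1 and 4: it scans constructed access-log lines and reports every request to /admin/delete_s8.php whose ID is absent, repeated, or not a plain integer, then counts hits per source address. Only the endpoint and the parameter name come from the advisory; the log format, addresses, timestamps and values are assumptions.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

# Constructed sample access-log lines (combined log format). The endpoint and
# the ID parameter name come from the advisory; everything else is made up.
SAMPLE_LOG = """\
203.0.113.10 - - [30/Jul/2025:17:40:01 +0000] "GET /admin/delete_s8.php?ID=42 HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.10 - - [30/Jul/2025:17:40:09 +0000] "GET /admin/delete_s8.php?ID=42' HTTP/1.1" 500 1203 "-" "Mozilla/5.0"
198.51.100.7 - - [30/Jul/2025:17:41:15 +0000] "GET /admin/delete_s8.php?ID=4a2 HTTP/1.1" 200 512 "-" "curl/8.0"
198.51.100.7 - - [30/Jul/2025:17:41:20 +0000] "GET /admin/delete_s8.php HTTP/1.1" 200 512 "-" "curl/8.0"
192.0.2.5 - - [30/Jul/2025:17:42:00 +0000] "GET /index.php?ID=42' HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')
VULN_PATH = "/admin/delete_s8.php"
# Allowlist rather than blocklist: a record ID is a plain positive integer, so
# anything else is reported without trying to enumerate injection syntax.
ID_OK = re.compile(r"^[0-9]{1,10}$")


def id_problem(target):
    """'' if not the vulnerable endpoint or the ID is well-formed; else a reason."""
    parts = urlsplit(target)
    if parts.path != VULN_PATH:
        return ""
    values = parse_qs(parts.query, keep_blank_values=True).get("ID")
    if not values:
        return "missing ID"
    if len(values) > 1:
        return "repeated ID parameter"
    if not ID_OK.match(values[0]):
        return "non-numeric ID value: " + values[0]
    return ""


def find_suspicious(log_text):
    """Return (ip, status, reason) for each flagged request in the log text."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m:
            reason = id_problem(m["target"])
            if reason:
                hits.append((m["ip"], int(m["status"]), reason))
    return hits


def by_source(hits):
    """Count flagged requests per client IP, e.g. as input to an alert threshold."""
    return dict(Counter(ip for ip, _, _ in hits))
```

A 500 response paired with a malformed ID (second sample line) is worth alerting on by itself, since it often means the database rejected the altered statement.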


Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-07-30T08:08:16.307Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 688a5acdad5a09ad00ad6450

Added to database: 7/30/2025, 5:47:57 PM

Last enriched: 7/30/2025, 6:02:53 PM

Last updated: 7/31/2025, 4:56:53 PM
