A vulnerability was found in code-projects Assessment Management 1.0 and classified as critical. This vulnerability affects unknown code of the file /lecturer/marking-scheme.php. The manipulation of the argument smarksrange[] results in sql injection.
This vulnerability is known as CVE-2026-14658. It is possible to launch the attack remotely. Furthermore, an exploit is available.