A vulnerability was found in code-projects Assessment Management 1.0. It has been classified as critical. This issue affects some unknown processing of the file /lecturer/marking-scheme.php of the component Database Query Handler. This manipulation of the argument squestions[] causes sql injection.

This vulnerability is handled as CVE-2026-14657. The attack can be initiated remotely. Additionally, an exploit exists.