{"cve_id":"CVE-2026-2197","summary":"A vulnerability was determined in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/admins/assessments/pretest/exam-delete.php. This manipulation of the argument test_id causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.","cvss":7.3,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":7.3,"epss":0.00036,"ranking_epss":0.10523,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://code-projects.org/","https://github.com/tiancesec/CVE/issues/18","https://vuldb.com/?ctiid.344900","https://vuldb.com/?id.344900","https://vuldb.com/?submit.750012"],"published_time":"2026-02-09T01:16:03","cpes":["cpe:2.3:a:fabian:online_reviewer_system:1.0"]}