A vulnerability was found in itsourcecode Electronic Judging System 1.0 . It has been declared as critical . Impacted is an unknown function of the file /admin/delete_judge.php . Such manipulation of the argument judge_id leads to sql injection. This vulnerability is documented as CVE-2026-9528 . The attack can be executed remotely. Additionally, an exploit exists.