Filtered by vendor Code-projects
Subscriptions
Total
675 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-0301 | 2 Code-projects, Fabian | 2 Online Book Shop, Online Book Shop | 2025-10-23 | 3.5 Low |
| A vulnerability, which was classified as problematic, has been found in code-projects Online Book Shop 1.0. Affected by this issue is some unknown functionality of the file /subcat.php. The manipulation of the argument catnm leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-11037 | 2 Code-projects, Fabian | 2 E-commerce Website, E-commerce Website | 2025-10-23 | 7.3 High |
| A security flaw has been discovered in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/admin_index_search.php. Performing manipulation of the argument Search results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be exploited. | ||||
| CVE-2025-11124 | 2 Code-projects, Fabian | 2 Project Monitoring System, Project Monitoring System | 2025-10-23 | 3.5 Low |
| A vulnerability has been found in code-projects Project Monitoring System 1.0. Affected is an unknown function of the file /onlineJobSearchEngine/postjob.php. Such manipulation of the argument txtapplyto leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | ||||
| CVE-2024-10506 | 2 Code-projects, Fabian | 2 Blood Bank System, Blood Bank Management System | 2025-10-23 | 6.3 Medium |
| A vulnerability classified as critical has been found in code-projects Blood Bank System 1.0. This affects an unknown part of the file /admin/blood/update/B-.php. The manipulation of the argument Bloodname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-11597 | 2 Code-projects, Fabian | 2 E-commerce Website, E-commerce Website | 2025-10-23 | 6.3 Medium |
| A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/product_add_qty.php. The manipulation of the argument prod_id leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. | ||||
| CVE-2025-11600 | 2 Code-projects, Fabian | 2 Simple Food Ordering System, Simple Food Ordering System | 2025-10-23 | 6.3 Medium |
| A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Affected is an unknown function of the file editcategory.php. Such manipulation of the argument cname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2025-11116 | 2 Code-projects, Fabian | 2 Simple Scheduling System, Simple Scheduling System | 2025-10-23 | 7.3 High |
| A vulnerability was found in code-projects Simple Scheduling System 1.0. This affects an unknown part of the file /add.home.php. The manipulation of the argument faculty results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. Other parameters might be affected as well. | ||||
| CVE-2025-11108 | 2 Code-projects, Fabian | 2 Simple Scheduling System, Simple Scheduling System | 2025-10-23 | 7.3 High |
| A vulnerability was determined in code-projects Simple Scheduling System 1.0. Impacted is an unknown function of the file /schedulingsystem/addroom.php. Executing manipulation of the argument room can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2024-8168 | 2 Code-projects, Fabian | 2 Online Bus Reservation Site, Online Bus Reservation Site | 2025-10-23 | 7.3 High |
| A vulnerability was found in code-projects Online Bus Reservation Site 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-11608 | 2 Code-projects, Fabian | 2 E-banking System, Simple E-banking System | 2025-10-23 | 7.3 High |
| A security vulnerability has been detected in code-projects E-Banking System 1.0. This affects an unknown function of the file /register.php of the component POST Parameter Handler. The manipulation of the argument username/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2025-11107 | 2 Code-projects, Fabian | 2 Simple Scheduling System, Simple Scheduling System | 2025-10-23 | 7.3 High |
| A vulnerability was found in code-projects Simple Scheduling System 1.0. This issue affects some unknown processing of the file /schedulingsystem/addcourse.php. Performing manipulation of the argument corcode results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used. | ||||
| CVE-2025-6352 | 2 Code-projects, Fabian | 2 Automated Voting System, Automated Voting System | 2025-10-23 | 5.3 Medium |
| A vulnerability classified as problematic has been found in code-projects Automated Voting System 1.0. Affected is an unknown function of the file /vote.php of the component Backend. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-60307 | 2 Carmelo, Code-projects | 2 Computer Laboratory System, Computer Laboratory System | 2025-10-21 | 9.8 Critical |
| code-projects Computer Laboratory System 1.0 has a SQL injection vulnerability, where entering a universal password in the Password field on the login page can bypass login attempts. | ||||
| CVE-2025-11551 | 2 Carmelo, Code-projects | 2 Student Result Manager, Student Result Manager | 2025-10-20 | 6.3 Medium |
| A vulnerability was determined in code-projects Student Result Manager 1.0. This affects an unknown function of the file src/students/Database.java. This manipulation of the argument roll/name/gpa causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2025-11553 | 2 Carmelogarcia, Code-projects | 2 Courier Management System, Courier Management System | 2025-10-20 | 6.3 Medium |
| A weakness has been identified in code-projects Courier Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-courier.php. Executing manipulation of the argument Shippername can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. | ||||
| CVE-2025-11556 | 2 Carmelo, Code-projects | 2 Simple Leave Manager, Simple Leave Manager | 2025-10-20 | 7.3 High |
| A flaw has been found in code-projects Simple Leave Manager 1.0. This vulnerability affects unknown code of the file /user.php. This manipulation of the argument table causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used. | ||||
| CVE-2025-60306 | 1 Code-projects | 1 Simple Car Rental System | 2025-10-20 | 9.9 Critical |
| code-projects Simple Car Rental System 1.0 has a permission bypass issue where low privilege users can forge high privilege sessions and perform sensitive operations. | ||||
| CVE-2025-60308 | 2 Code-projects, Fabian | 2 Simple Online Hotel Reservation System, Simple Online Hotel Reservation System | 2025-10-20 | 4.1 Medium |
| code-projects Simple Online Hotel Reservation System 1.0 has a Cross Site Scripting (XSS) vulnerability in the Add Room function of the online hotel reservation system. Malicious JavaScript code is entered in the Description field, which can leak the administrator's cookie information when browsing this room information | ||||
| CVE-2025-11667 | 2 Code-projects, Fabian | 2 Automated Voting System, Automated Voting System | 2025-10-20 | 6.3 Medium |
| A vulnerability was found in code-projects Automated Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add_candidate_modal.php.. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. | ||||
| CVE-2025-11668 | 2 Code-projects, Fabian | 2 Automated Voting System, Automated Voting System | 2025-10-20 | 4.7 Medium |
| A vulnerability was determined in code-projects Automated Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/update_user.php. This manipulation of the argument Password causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. | ||||