ReportizFlow
Filtered by vendor Code-projects
Subscriptions
Total
816 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-7187 | 2 Code-projects, Fabian | 2 Chat System, Chat System | 2025-10-23 | 6.3 Medium |
| A vulnerability classified as critical has been found in code-projects Chat System 1.0. Affected is an unknown function of the file /user/fetch_member.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7186 | 2 Code-projects, Fabian | 2 Chat System, Chat System | 2025-10-23 | 6.3 Medium |
| A vulnerability was found in code-projects Chat System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /user/fetch_chat.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-8944 | 2 Code-projects, Fabian | 2 Hospital Management System, Hospital Management System | 2025-10-23 | 7.3 High |
| A vulnerability, which was classified as critical, was found in code-projects Hospital Management System 1.0. This affects an unknown part of the file check_availability.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-7808 | 2 Code-projects, Fabian | 2 Job Portal, Job Portal | 2025-10-23 | 7.3 High |
| A vulnerability was found in code-projects Job Portal 1.0. It has been classified as critical. Affected is an unknown function of the file logindbc.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6418 | 2 Code-projects, Fabian | 2 Simple Online Hotel Reservation System, Simple Online Hotel Reservation System | 2025-10-23 | 7.3 High |
| A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit_query_account.php. The manipulation of the argument Name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-10702 | 2 Code-projects, Fabian | 2 Simple Car Rental System, Simple Car Rental System | 2025-10-23 | 7.3 High |
| A vulnerability classified as critical has been found in code-projects Simple Car Rental System 1.0. Affected is an unknown function of the file /signup.php. The manipulation of the argument fname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-11585 | 2 Code-projects, Fabian | 2 Project Monitoring System, Project Monitoring System | 2025-10-23 | 7.3 High |
| A vulnerability was found in code-projects Project Monitoring System 1.0. The impacted element is an unknown function of the file /useredit.php. The manipulation of the argument uid results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. | ||||
| CVE-2025-0531 | 2 Code-projects, Fabian | 2 Chat System, Chat System | 2025-10-23 | 6.3 Medium |
| A vulnerability was found in code-projects Chat System 1.0 and classified as critical. This issue affects some unknown processing of the file /user/leaveroom.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-11558 | 2 Code-projects, Fabian | 2 E-commerce Website, E-commerce Website | 2025-10-23 | 7.3 High |
| A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/user_index_search.php. Performing manipulation of the argument Search results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used. | ||||
| CVE-2024-7637 | 2 Code-projects, Fabian | 2 Online Polling, Online Polling | 2025-10-23 | 7.3 High |
| A vulnerability was found in code-projects Online Polling 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file registeracc.php of the component Registration. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8501 | 2 Code-projects, Fabian | 2 Human Resource Integrated System, Human Resource Integrated System | 2025-10-23 | 3.5 Low |
| A vulnerability classified as problematic has been found in code-projects Human Resource Integrated System 1.0. Affected is an unknown function of the file /insert-and-view/action.php. The manipulation of the argument content leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-56293 | 2 Code-projects, Fabian | 2 Human Resource Integrated System, Human Resource Integrated System | 2025-10-23 | 5.4 Medium |
| code-projects Human Resource Integrated System 1.0 is vulnerable to Cross Site Scripting (XSS) in the Add Child Information section in the Childs Name field. | ||||
| CVE-2025-8859 | 2 Code-projects, Fabian | 2 Eblog Site, Eblog Site | 2025-10-23 | 6.3 Medium |
| A vulnerability was identified in code-projects eBlog Site 1.0. Affected by this vulnerability is an unknown functionality of the file /native/admin/save-slider.php of the component File Upload Module. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6352 | 2 Code-projects, Fabian | 2 Automated Voting System, Automated Voting System | 2025-10-23 | 5.3 Medium |
| A vulnerability classified as problematic has been found in code-projects Automated Voting System 1.0. Affected is an unknown function of the file /vote.php of the component Backend. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-60307 | 2 Carmelo, Code-projects | 2 Computer Laboratory System, Computer Laboratory System | 2025-10-21 | 9.8 Critical |
| code-projects Computer Laboratory System 1.0 has a SQL injection vulnerability, where entering a universal password in the Password field on the login page can bypass login attempts. | ||||
| CVE-2025-11551 | 2 Carmelo, Code-projects | 2 Student Result Manager, Student Result Manager | 2025-10-20 | 6.3 Medium |
| A vulnerability was determined in code-projects Student Result Manager 1.0. This affects an unknown function of the file src/students/Database.java. This manipulation of the argument roll/name/gpa causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2025-11553 | 2 Carmelogarcia, Code-projects | 2 Courier Management System, Courier Management System | 2025-10-20 | 6.3 Medium |
| A weakness has been identified in code-projects Courier Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-courier.php. Executing manipulation of the argument Shippername can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. | ||||
| CVE-2025-11556 | 2 Carmelo, Code-projects | 2 Simple Leave Manager, Simple Leave Manager | 2025-10-20 | 7.3 High |
| A flaw has been found in code-projects Simple Leave Manager 1.0. This vulnerability affects unknown code of the file /user.php. This manipulation of the argument table causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used. | ||||
| CVE-2025-60306 | 1 Code-projects | 1 Simple Car Rental System | 2025-10-20 | 9.9 Critical |
| code-projects Simple Car Rental System 1.0 has a permission bypass issue where low privilege users can forge high privilege sessions and perform sensitive operations. | ||||
| CVE-2025-60308 | 2 Code-projects, Fabian | 2 Simple Online Hotel Reservation System, Simple Online Hotel Reservation System | 2025-10-20 | 4.1 Medium |
| code-projects Simple Online Hotel Reservation System 1.0 has a Cross Site Scripting (XSS) vulnerability in the Add Room function of the online hotel reservation system. Malicious JavaScript code is entered in the Description field, which can leak the administrator's cookie information when browsing this room information | ||||