ReportizFlow
Filtered by vendor Code-projects
Subscriptions
Total
816 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-13323 | 2 Carmelo, Code-projects | 2 Simple Pizza Ordering System, Simple Pizza Ordering System | 2025-11-19 | 7.3 High |
| A security flaw has been discovered in code-projects Simple Pizza Ordering System 1.0. Affected is an unknown function of the file /listorder.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. | ||||
| CVE-2025-12928 | 2 Code-projects, Fabian | 2 Online Job Search Engine, Online Job Search Engine | 2025-11-17 | 7.3 High |
| A vulnerability was detected in code-projects Online Job Search Engine 1.0. This affects an unknown function of the file /login.php. Performing manipulation of the argument username/phone results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. | ||||
| CVE-2025-13170 | 2 Code-projects, Fabian | 2 Simple Online Hotel Reservation System, Simple Online Hotel Reservation System | 2025-11-17 | 7.3 High |
| A vulnerability was detected in code-projects Simple Online Hotel Reservation System 1.0. This issue affects some unknown processing of the file /admin/edit_account.php. Performing manipulation of the argument admin_id results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. | ||||
| CVE-2025-13169 | 2 Code-projects, Fabian | 2 Simple Online Hotel Reservation System, Simple Online Hotel Reservation System | 2025-11-17 | 7.3 High |
| A security vulnerability has been detected in code-projects Simple Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /add_query_reserve.php. Such manipulation of the argument room_id leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2025-12594 | 2 Code-projects, Fabian | 2 Simple Online Hotel Reservation System, Simple Online Hotel Reservation System | 2025-11-05 | 4.7 Medium |
| A security flaw has been discovered in code-projects Simple Online Hotel Reservation System 2.0. This affects an unknown function of the file /admin/add_account.php. The manipulation of the argument Name results in sql injection. The attack may be performed from remote. The exploit has been released to the public and may be exploited. | ||||
| CVE-2025-12593 | 2 Code-projects, Fabian | 2 Simple Online Hotel Reservation System, Simple Online Hotel Reservation System | 2025-11-05 | 4.7 Medium |
| A vulnerability was identified in code-projects Simple Online Hotel Reservation System 2.0. The impacted element is an unknown function of the file /admin/edit_room.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. | ||||
| CVE-2025-63622 | 2 Code-projects, Fabian | 2 Online Complaint Site, Online Complaint Site | 2025-11-03 | 9.8 Critical |
| A vulnerability was found in code-projects Online Complaint Site 1.0. This issue affects some unknown processing of the file /cms/admin/subcategory.php. This manipulation of the argument category causes SQL injection. | ||||
| CVE-2025-12280 | 2 Code-projects, Fabian | 2 Client Details System, Client Details System | 2025-11-03 | 2.4 Low |
| A vulnerability was found in code-projects Client Details System 1.0. This issue affects some unknown processing of the file /update-clients.php. Performing manipulation results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be used. | ||||
| CVE-2025-12281 | 2 Code-projects, Fabian | 2 Client Details System, Client Details System | 2025-11-03 | 2.4 Low |
| A vulnerability was determined in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/clientview.php. Executing manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2025-12302 | 2 Code-projects, Fabian | 2 Simple Food Ordering System, Simple Food Ordering System | 2025-11-03 | 4.3 Medium |
| A vulnerability was detected in code-projects Simple Food Ordering System 1.0. The affected element is an unknown function of the file /editproduct.php. Performing manipulation of the argument pname/category/price results in cross site scripting. The attack may be initiated remotely. The exploit is now public and may be used. | ||||
| CVE-2025-12301 | 2 Code-projects, Fabian | 2 Simple Food Ordering System, Simple Food Ordering System | 2025-11-03 | 7.3 High |
| A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Impacted is an unknown function of the file /editproduct.php. Such manipulation of the argument photo leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2025-12300 | 2 Code-projects, Fabian | 2 Simple Food Ordering System, Simple Food Ordering System | 2025-11-03 | 4.3 Medium |
| A weakness has been identified in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addcategory.php. This manipulation of the argument cname causes cross site scripting. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. | ||||
| CVE-2025-12299 | 2 Code-projects, Fabian | 2 Simple Food Ordering System, Simple Food Ordering System | 2025-11-03 | 4.3 Medium |
| A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This vulnerability affects unknown code of the file /addproduct.php. The manipulation of the argument pname/category/price results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited. | ||||
| CVE-2025-12298 | 2 Code-projects, Fabian | 2 Simple Food Ordering System, Simple Food Ordering System | 2025-11-03 | 4.3 Medium |
| A vulnerability was identified in code-projects Simple Food Ordering System 1.0. This affects an unknown part of the file /editcategory.php. The manipulation of the argument pname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. | ||||
| CVE-2025-12378 | 2 Code-projects, Fabian | 2 Simple Food Ordering System, Simple Food Ordering System | 2025-11-03 | 7.3 High |
| A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addproduct.php. Performing manipulation of the argument photo results in unrestricted upload. The attack may be initiated remotely. The exploit has been released to the public and may be exploited. | ||||
| CVE-2025-12308 | 2 Code-projects, Fabian | 2 Social Networking Site, Nero Social Networking Site | 2025-11-03 | 7.3 High |
| A security flaw has been discovered in code-projects Nero Social Networking Site 1.0. Affected by this issue is some unknown functionality of the file /deletemessage.php. Performing manipulation of the argument message_id results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited. | ||||
| CVE-2025-12307 | 2 Code-projects, Fabian | 2 Social Networking Site, Nero Social Networking Site | 2025-11-03 | 7.3 High |
| A vulnerability was identified in code-projects Nero Social Networking Site 1.0. Affected by this vulnerability is an unknown functionality of the file /addfriend.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used. | ||||
| CVE-2025-12306 | 2 Code-projects, Fabian | 2 Social Networking Site, Nero Social Networking Site | 2025-11-03 | 7.3 High |
| A vulnerability was determined in code-projects Nero Social Networking Site 1.0. Affected is an unknown function of the file /acceptoffres.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2025-12334 | 2 Code-projects, Fabian | 2 E-commerce Website, E-commerce Website | 2025-10-31 | 4.3 Medium |
| A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/product_add.php. The manipulation of the argument prod_name/prod_desc/prod_cost results in cross site scripting. It is possible to launch the attack remotely. The exploit has been made public and could be used. | ||||
| CVE-2025-12335 | 2 Code-projects, Fabian | 2 E-commerce Website, E-commerce Website | 2025-10-31 | 4.3 Medium |
| A vulnerability was determined in code-projects E-Commerce Website 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/supplier_update.php. This manipulation of the argument supp_name/supp_address causes cross site scripting. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. | ||||