92 matches found
CVE-2025-7180 code-projects Staff Audit System login.php sql injection
A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument User leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-7180 code-projects Staff Audit System login.php sql injection
A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument User leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-7180
CVE-2025-7180 affects code-projects Staff Audit System 1.0. The vulnerability is in the processing of /login.php, where manipulating the User argument enables SQL injection. This can be exploited remotely and, per sources, the exploit has been disclosed publicly. Multiple sources rate the impact ...
Code-Projects Staff Audit System 注入漏洞
Code-Projects Staff Audit System is a Code-Projects open source staff audit system. Code-Projects Staff Audit System version 1.0 suffers from an injection vulnerability that stems from improper manipulation of the parameter User in the file /login.php, which can lead to SQL injection attacks...
Code-Projects Staff Audit System 安全漏洞
Code-Projects Staff Audit System is an open source staff audit system from Code-Projects. A security vulnerability exists in Code-Projects Staff Audit System version 1.0, which stems from improper manipulation of the parameter uploadedfile in the file /test.php, which could lead to arbitrary file...
PT-2025-28457 · Code Projects · Staff Audit System
Name of the Vulnerable Software and Affected Versions: code-projects Staff Audit System version 1.0 Description: A critical issue has been found in the Staff Audit System, affecting the processing of the file /login.php. The manipulation of the User argument leads to SQL injection. The attack can...
PT-2025-28462 · Unknown · Code-Projects Staff Audit System
Name of the Vulnerable Software and Affected Versions: code-projects Staff Audit System version 1.0 Description: A critical issue was found in the code-projects Staff Audit System. The problem is related to an unknown function of the file /test.php, where the manipulation of the uploadedfile...
Staff Audit System /search_index.php File SQL Injection Vulnerability
Staff Audit System is an employee audit system. Staff Audit System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /searchindex.php. An attacker can exploit this vulnerability to execut...
Staff Audit System /update_index.php File SQL Injection Vulnerability
Staff Audit System is an employee audit system. Staff Audit System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter updateid in the file /updateindex.php. An attacker can exploit this vulnerability to...
CVE-2025-6883
A vulnerability classified as critical was found in code-projects Staff Audit System 1.0. This vulnerability affects unknown code of the file /updateindex.php. The manipulation of the argument updateid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to...
CVE-2025-6884
A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /searchindex.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The exploit has...
Arbitrary File Read Vulnerability in Privileged Account and Operation and Maintenance Audit System of Sanwei Xinan Technology Co.
Privileged Account and Operation and Maintenance Audit System focuses on the full life cycle management and operation behavior monitoring of high-privileged accounts. The product prevents the risk of unauthorized access by centralizing the control of privileged accounts and implementing mechanism...
CVE-2025-6883
A vulnerability classified as critical was found in code-projects Staff Audit System 1.0. This vulnerability affects unknown code of the file /updateindex.php. The manipulation of the argument updateid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to...
CVE-2025-6884
A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /searchindex.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The exploit has...
CVE-2025-6883
A vulnerability classified as critical was found in code-projects Staff Audit System 1.0. This vulnerability affects unknown code of the file /updateindex.php. The manipulation of the argument updateid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to...
CVE-2025-6884
A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /searchindex.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The exploit has...
CVE-2025-6884
CVE-2025-6884 affects code-projects Staff Audit System 1.0. The vulnerability lies in the /search_index.php file, where unvalidated input in the Search parameter enables SQL injection. Reported as remote and exploitable, with public disclosure noted in multiple sources; impact is data confidentia...
CVE-2025-6884 code-projects Staff Audit System search_index.php sql injection
A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /searchindex.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The exploit has...
CVE-2025-6884 code-projects Staff Audit System search_index.php sql injection
A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /searchindex.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The exploit has...
CVE-2025-6883
Staff Audit System 1.0 contains a SQL injection vulnerability in /update_index.php via the updateid parameter. Root cause: unsanitized SQL statements from externally provided updateid. Impact: remote attacker can execute arbitrary SQL, potentially stealing data. Exploitation is publicly disclosed...