Code-Projects School Fees Payment System 1.0 - SQL Injection

A vulnerability was found in code-projects School Fees Payment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

EUVD-2026-35021

A vulnerability was determined in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Frontend/Search.php. This manipulation of the argument Category causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

CVE-2026-11490

CVE-2026-11490 affects code-projects Online Music Site 1.0. A vulnerability in processing the Category argument in /Frontend/Search.php enables SQL injection. Exploitation can be performed remotely, and public disclosure of the exploit is noted in the sources. Connected documents (Attackerkb and ...

CVE-2026-11490 code-projects Online Music Site Search.php sql injection

A vulnerability was determined in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Frontend/Search.php. This manipulation of the argument Category causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

CVE-2026-11490 code-projects Online Music Site Search.php sql injection

A vulnerability was determined in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Frontend/Search.php. This manipulation of the argument Category causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

CVE-2026-11489 code-projects Online Music Site AdminDeleteAlbum.php sql injection

A vulnerability was found in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminDeleteAlbum.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit has been made public an...

CVE-2026-11489 code-projects Online Music Site AdminDeleteAlbum.php sql injection

A vulnerability was found in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminDeleteAlbum.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit has been made public an...

CVE-2026-11488

The CVE-2026-11488 entry concerns code-projects Simple Flight Ticket Booking System 1.0. It identifies a SQL injection in the POST Parameter Handler, specifically in checkUser.php via the Username argument. Impact is limited to confidentiality and integrity with a low severity in CVSS metrics, an...

CVE-2026-11488 code-projects Simple Flight Ticket Booking System POST Parameter checkUser.php sql injection

A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file checkUser.php of the component POST Parameter Handler. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out...

Code-Projects Online Music Site 注入漏洞

Code-Projects Online Music Site is an online music website developed by Code-Projects as open source. Version 1.0 of the Code-Projects Online Music Site has a vulnerability due to incorrect handling of the Category parameter in the file/Frontend/Search.php, which may lead to SQL injection attacks...

Code-Projects Online Music Site 注入漏洞

Code-Projects Online Music Site is an online music website developed by Code-Projects as open source. Version 1.0 of the Code-Projects Online Music Site has a vulnerability due to incorrect handling of parameters in the file /Administrator/PHP/AdminDeleteAlbum.php. This vulnerability may lead to...

CVE-2026-7095

A vulnerability was identified in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. The manipulation of the argument ID leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and...

CVE-2026-7118

A security vulnerability has been detected in code-projects Employee Management System 1.0. The affected element is an unknown function of the file 370project/cancel.php. The manipulation of the argument id/token leads to sql injection. The attack is possible to be carried out remotely. The explo...

CVE-2026-7090

A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/sendmessage.php of the component Chat Interface. The manipulation of the argument msg results in cross site scripting. The attack may be launched remotely. The exploit is now public...

CVE-2026-7109

A vulnerability was detected in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /item of the component API Endpoint. Performing a manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and...

CVE-2026-8098

A security vulnerability has been detected in code-projects Feedback System 1.0. Impacted is an unknown function of the file /admin/checklogin.php. Such manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly...

CVE-2026-11344 code-projects Vehicle Management System New Driver Registration Form newdriver.php unrestricted upload

A vulnerability was found in code-projects Vehicle Management System 1.0. This impacts an unknown function of the file newdriver.php of the component New Driver Registration Form. Performing a manipulation of the argument photo results in unrestricted upload. The attack may be initiated remotely...

CVE-2026-11344

CVE-2026-11344 affects the code-projects Vehicle Management System 1.0, specifically the New Driver Registration Form’s file handling in newdriver.php. The vulnerability arises from manipulating the argument photo, leading to an unrestricted upload condition. The flaw is exploitable remotely and ...

CVE-2026-11342

Vulnerability : In code-projects Hotel and Tourism Reservation System 1.0, the file /details.php is susceptible to SQL injection via the room parameter. Root cause : unsanitized input in the argument dispatched to an SQL query. Impact : exploitation can be performed remotely; CVSS metrics in sour...

Code-Projects Hotel and Tourism Reservation System SQL注入漏洞

Code-Projects Hotel and Tourism Reservation System is an open-source hotel and tourism reservation system developed by Code-Projects. Version 1.0 of the Code-Projects Hotel and Tourism Reservation System has a SQL injection vulnerability. This vulnerability arises from improper handling of the ro...