CVE-2025-12335 code-projects E-Commerce Website supplier_update.php cross site scripting

A vulnerability was determined in code-projects E-Commerce Website 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/supplierupdate.php. This manipulation of the argument suppname/suppaddress causes cross site scripting. The attack can be initiated remotely. The...

CVE-2025-12334 code-projects E-Commerce Website product_add.php cross site scripting

A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/productadd.php. The manipulation of the argument prodname/proddesc/prodcost results in cross site scripting. It is possible to launch the attack remotely. The exploit has been mad...

CVE-2025-11597 code-projects E-Commerce Website product_add_qty.php sql injection

A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/productaddqty.php. The manipulation of the argument prodid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly...

CVE-2025-11513

A vulnerability was determined in code-projects E-Commerce Website 1.0. This affects an unknown part of the file /pages/supplierupdate.php. This manipulation of the argument suppid causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and...

CVE-2025-11513

Summary: CVE-2025-11513 affects the code-projects E-Commerce Website 1.0, specifically the /pages/supplier_update.php file. The vulnerability arises from improper handling of the supp_id parameter, enabling SQL injection. Several connected sources (CNVD, RH, CNNVD, CVE records) describe remote ex...

CVE-2025-11420

CVE-2025-11420 affects code-projects E-Commerce Website 1.0. The vulnerability is a SQL injection in the /pages/edit_order_details.php handler, triggered by manipulating the order_id parameter. The issue originates from lack of input validation for an externally supplied SQL statement, allowing a...

PT-2025-41317

Name of the Vulnerable Software and Affected Versions code-projects E-Commerce Website version 1.0 Description A flaw exists in code-projects E-Commerce Website 1.0. Manipulation of the prod name argument in the file '/pages/product add.php' can lead to SQL injection. This issue may be exploited...

EUVD-2025-31383

Malicious code in bioql PyPI...

CVE-2025-11037

A security flaw has been discovered in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/adminindexsearch.php. Performing manipulation of the argument Search results in sql injection. The attack may be initiated remotely. The exploit has been released to th...

CVE-2025-10793

A vulnerability was detected in code-projects E-Commerce Website 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/adminaccountdelete.php. Performing manipulation of the argument userid results in sql injection. It is possible to initiate the attack remotely. The...

PT-2025-28405 · Unknown · Code-Projects E-Commerce Website

Name of the Vulnerable Software and Affected Versions: code-projects E-Commerce Site version 1.0 Description: A critical issue has been found in the code-projects E-Commerce Site, affecting an unknown function of the file /admin/users photo.php. The manipulation of the photo argument leads to...

CVE-2023-7105

A vulnerability was found in code-projects E-Commerce Website 1.0. It has been classified as critical. Affected is an unknown function of the file indexsearch.php. The manipulation of the argument search leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2023-7108

A vulnerability classified as problematic has been found in code-projects E-Commerce Website 1.0. This affects an unknown part of the file usersignup.php. The manipulation of the argument firstname with the input leads to cross site scripting. It is possible to initiate the attack remotely. The...

Cross site scripting

A vulnerability classified as problematic has been found in code-projects E-Commerce Website 1.0. This affects an unknown part of the file usersignup.php. The manipulation of the argument firstname with the input leads to cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2023-7108 code-projects E-Commerce Website user_signup.php cross site scripting

A vulnerability classified as problematic has been found in code-projects E-Commerce Website 1.0. This affects an unknown part of the file usersignup.php. The manipulation of the argument firstname with the input leads to cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2023-7108

CVE-2023-7108 describes a cross-site scripting vulnerability in code-projects’ E-Commerce Website 1.0. The issue resides in an unknown part of the file user_signup.php, where the argument firstname can be injected with a payload such as , enabling remote initiation of the attack. Affected product...

CVE-2023-7108 code-projects E-Commerce Website user_signup.php cross site scripting

A vulnerability classified as problematic has been found in code-projects E-Commerce Website 1.0. This affects an unknown part of the file usersignup.php. The manipulation of the argument firstname with the input leads to cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2023-7107 code-projects E-Commerce Website user_signup.php sql injection

A vulnerability was found in code-projects E-Commerce Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file usersignup.php. The manipulation of the argument firstname/middlename/email/address/contact/username leads to sql injection. The attac...

CVE-2023-7107

CVE-2023-7107 affects code-projects E-Commerce Website 1.0, exploiting SQL injection in the file user_signup.php. The vulnerability targets the parameters firstname, middlename, email, address, contact, and username, enabling remote manipulation of SQL queries. Impact is described with high conce...

CVE-2023-7107 code-projects E-Commerce Website user_signup.php sql injection

A vulnerability was found in code-projects E-Commerce Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file usersignup.php. The manipulation of the argument firstname/middlename/email/address/contact/username leads to sql injection. The attac...