3502 matches found
CVE-2025-13579
CVE-2025-13579 affects code-projects Library System 1.0, specifically the file /return.php. Multiple connected records confirm a SQL Injection vulnerability originating from the ID parameter, enabling remote exploitation. The vulnerability is widely documented across CVE feeds (NVD/NVD mirror, RH...
CVE-2025-13579 code-projects Library System return.php sql injection
A vulnerability was found in code-projects Library System 1.0. This impacts an unknown function of the file /return.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...
CVE-2025-13579 code-projects Library System return.php sql injection
A vulnerability was found in code-projects Library System 1.0. This impacts an unknown function of the file /return.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...
EUVD-2025-198599
A vulnerability was found in code-projects Library System 1.0. This impacts an unknown function of the file /return.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...
CVE-2025-13578
The connected CNVD/NVD entries confirm a real vulnerability in code-projects’ Library System 1.0, specifically in the Login component’s index.php. The flaw arises from unsafely handling the Username parameter, enabling remote SQL injection. The affected file is /index.php (Login), and exploitatio...
CVE-2025-13578 code-projects Library System Login index.php sql injection
A vulnerability has been found in code-projects Library System 1.0. This affects an unknown function of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public...
CVE-2025-13578 code-projects Library System Login index.php sql injection
A vulnerability has been found in code-projects Library System 1.0. This affects an unknown function of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public...
CVE-2025-13576
A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...
CVE-2025-13575
A security vulnerability has been detected in code-projects Blog Site 1.0. Impacted is the function categoryexists of the file /resources/functions/blog.php of the component Category Handler. Such manipulation of the argument name/field leads to sql injection. The attack may be performed from...
CVE-2025-13576
Blog Site 1.0 is affected by CVE-2025-13576 due to improper authorization in the admin.php file. The vulnerability arises from an unclear/unknown function in /admin.php that can be manipulated to bypass authorization, enabling remote exploitation. Multiple endpoints are affected, and exploitation...
CVE-2025-13576 code-projects Blog Site admin.php improper authorization
A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...
CVE-2025-13576 code-projects Blog Site admin.php improper authorization
A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...
CVE-2025-13575
CVE-2025-13575 affects code-projects Blog Site 1.0. The vulnerability is in the function category_exists in /resources/functions/blog.php (Category Handler). The issue arises from manipulation of the argument name/field, enabling SQL injection. The attack can be performed remotely and the exploit...
CVE-2025-13575 code-projects Blog Site Category blog.php category_exists sql injection
A security vulnerability has been detected in code-projects Blog Site 1.0. Impacted is the function categoryexists of the file /resources/functions/blog.php of the component Category Handler. Such manipulation of the argument name/field leads to sql injection. The attack may be performed from...
CVE-2025-13575 code-projects Blog Site Category blog.php category_exists sql injection
A security vulnerability has been detected in code-projects Blog Site 1.0. Impacted is the function categoryexists of the file /resources/functions/blog.php of the component Category Handler. Such manipulation of the argument name/field leads to sql injection. The attack may be performed from...
CVE-2025-13574
A weakness has been identified in code-projects Online Bidding System 1.0. This issue affects the function categoryadd of the file /administrator/addcategory.php. This manipulation of the argument catimage causes unrestricted upload. The attack is possible to be carried out remotely. The exploit...
CVE-2025-13574
The CVE-2025-13574 issue affects Code-Projects Online Bidding System 1.0, specifically the function categoryadd in /administrator/addcategory.php. Manipulating the argument catimage enables unrestricted file uploads, allowing remote exploitation. Public exploits exist according to the description...
CVE-2025-13574 code-projects Online Bidding System addcategory.php categoryadd unrestricted upload
A weakness has been identified in code-projects Online Bidding System 1.0. This issue affects the function categoryadd of the file /administrator/addcategory.php. This manipulation of the argument catimage causes unrestricted upload. The attack is possible to be carried out remotely. The exploit...
CVE-2025-13574 code-projects Online Bidding System addcategory.php categoryadd unrestricted upload
A weakness has been identified in code-projects Online Bidding System 1.0. This issue affects the function categoryadd of the file /administrator/addcategory.php. This manipulation of the argument catimage causes unrestricted upload. The attack is possible to be carried out remotely. The exploit...
Code-Projects Online Bidding System 代码问题漏洞
Code-Projects Online Bidding System is a Code-Projects open source online bidding system. Code-Projects Online Bidding System version 1.0 has a code issue vulnerability, the vulnerability stems from the file /administrator/addcategory.php function categoryadd to the parameter catimage incorrect...