3490 matches found
CVE-2025-14205 code-projects Chamber of Commerce Membership Management System Your Info membership_profile.php cross site scripting
A vulnerability was found in code-projects Chamber of Commerce Membership Management System 1.0. Impacted is an unknown function of the file /membershipprofile.php of the component Your Info Handler. Performing manipulation of the argument Full Name/Address/City/State results in cross site...
CVE-2025-14203
A flaw has been found in code-projects Question Paper Generator up to 1.0. This vulnerability affects unknown code of the file /selectquestionuser.php. This manipulation of the argument subid causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and m...
CVE-2025-14203 code-projects Question Paper Generator selectquestionuser.php sql injection
A flaw has been found in code-projects Question Paper Generator up to 1.0. This vulnerability affects unknown code of the file /selectquestionuser.php. This manipulation of the argument subid causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and m...
CVE-2025-14203 code-projects Question Paper Generator selectquestionuser.php sql injection
A flaw has been found in code-projects Question Paper Generator up to 1.0. This vulnerability affects unknown code of the file /selectquestionuser.php. This manipulation of the argument subid causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and m...
CVE-2025-14203
CVE-2025-14203 affects Code-Projects Question Paper Generator up to version 1.0, with the vulnerability residing in the file /selectquestionuser.php. The root cause is improper handling/manipulation of the subid parameter, enabling SQL injection. This flaw allows remote exploitation, and an explo...
EUVD-2025-201604
A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/addfilequery.php. The manipulation of the argument perfile results in unrestricted upload. The attack may be launched remotely. The exploit has been...
CVE-2025-14195
A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/addfilequery.php. The manipulation of the argument perfile results in unrestricted upload. The attack may be launched remotely. The exploit has been...
CVE-2025-14195
A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/addfilequery.php. The manipulation of the argument perfile results in unrestricted upload. The attack may be launched remotely. The exploit has been...
CVE-2025-14195 code-projects Employee Profile Management System add_file_query.php unrestricted upload
A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/addfilequery.php. The manipulation of the argument perfile results in unrestricted upload. The attack may be launched remotely. The exploit has been...
CVE-2025-14195
CVE-2025-14195 affects code-projects Employee Profile Management System 1.0. The vulnerability is tied to the per_file parameter in /profiling/add_file_query.php, where improper validation allows unrestricted file upload. This could enable remote attackers to upload arbitrary files. The exploit i...
CVE-2025-14194 code-projects Employee Profile Management System view_personnel.php cross site scripting
A vulnerability was identified in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file /viewpersonnel.php. The manipulation of the argument peraddress/drschool/otherschool leads to cross site scripting. The attack may be initiated remotely...
PT-2025-49408
A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/add file query.php. The manipulation of the argument per file results in unrestricted upload. The attack may be launched remotely. The exploit has be...
Code-Projects Employee Profile Management System 代码问题漏洞
Employee Profile Management System is an employee profile management system. Employee Profile Management System has a code issue vulnerability that stems from the lack of valid validation of uploaded files by the parameter perfile in the file /profiling/addfilequery.php. No details of the...
Code-Projects Question Paper Generator SQL注入漏洞
Code-Projects Question Paper Generator is a Code-Projects open source question paper generation software. Code-Projects Question Paper Generator 1.0 and earlier versions have a SQL injection vulnerability that stems from improper handling of the parameter subid in the file /selectquestionuser.php...
CVE-2025-60736
code-projects Online Medicine Guide 1.0 is vulnerable to SQL Injection in /login.php via the upass parameter...
CVE-2025-60736
code-projects Online Medicine Guide 1.0 is vulnerable to SQL Injection in /login.php via the upass parameter...
CVE-2025-13583
A weakness has been identified in code-projects Question Paper Generator 1.0. This affects an unknown part of the file /signupscript.php of the component POST Parameter Handler. Executing manipulation of the argument Fname can lead to sql injection. The attack can be executed remotely. The exploi...
CVE-2025-13585
A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument code results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...
CVE-2025-13585 itsourcecode COVID Tracking System login.php sql injection
A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument code results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...
CVE-2025-13585 itsourcecode COVID Tracking System login.php sql injection
A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument code results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...