CVE-2025-13449

The CVE-2025-13449 entry concerns code-projects Online Shop Project 1.0. The vulnerability arises from improper handling of the Password parameter in the login.php processing, resulting in a SQL injection risk. Multiple connected sources (Red Hat, NVD, CVE lists, vulnerability enrichment) confirm...

CVE-2025-13449 code-projects Online Shop Project login.php sql injection

A vulnerability was found in code-projects Online Shop Project 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument Password results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used...

Code-Projects Online Shop Project 安全漏洞

Code-Projects Online Shop Project is an online store project by Code-Projects. A security vulnerability exists in code-projects Online Shop Project version 1.0, which stems from an incorrect manipulation of the parameter Password in the file /login.php, which could lead to a SQL injection attack...

PT-2025-47552

A vulnerability was found in code-projects Online Shop Project 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument Password results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used...

Code-Projects Courier Management System SQL注入漏洞

Code-Projects Courier Management System is a Code-Projects open source courier management system. A SQL injection vulnerability exists in Code-Projects Courier Management System version 1.0, which stems from an incorrect manipulation of the parameter OfficeName in the file /add-office.php, which...

CVE-2025-13323 code-projects Simple Pizza Ordering System listorder.php sql injection

A security flaw has been discovered in code-projects Simple Pizza Ordering System 1.0. Affected is an unknown function of the file /listorder.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been released to the public...

CVE-2025-13323 code-projects Simple Pizza Ordering System listorder.php sql injection

A security flaw has been discovered in code-projects Simple Pizza Ordering System 1.0. Affected is an unknown function of the file /listorder.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been released to the public...

Code-Projects Simple Pizza Ordering System SQL注入漏洞

Code-Projects Simple Pizza Ordering System is a Code-Projects open source simple pizza ordering system. A SQL injection vulnerability exists in Code-Projects Simple Pizza Ordering System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /listorder.php, which can...

CVE-2025-13303 code-projects Courier Management System search-edit.php sql injection

A vulnerability was determined in code-projects Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /search-edit.php. This manipulation of the argument Consignment causes sql injection. The attack can be initiated remotely. The exploit has been publicly...

CVE-2025-13302

Summary (validated by connected sources): The Courier Management System 1.0 is affected by a SQL injection in the file /add-new-officer.php, triggered by manipulating the ManagerName parameter. This vulnerability is remotely exploitable, and multiple sources report public exploitation details. Im...

CVE-2025-13290 code-projects Simple Food Ordering System saveorder.php sql injection

A vulnerability has been found in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file /saveorder.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclos...

CVE-2025-13290

The CVE-2025-13290 issue affects Code-Projects Simple Food Ordering System 1.0, specifically the /saveorder.php file. The vulnerability is a SQL injection caused by improper handling of the ID argument, enabling remote exploitation. Publicly disclosed exploits exist. Connected sources do not prov...

CVE-2025-13290 code-projects Simple Food Ordering System saveorder.php sql injection

A vulnerability has been found in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file /saveorder.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclos...

CVE-2025-13279 code-projects Nero Social Networking Site profilefriends.php sql injection

A vulnerability was found in code-projects Nero Social Networking Site 1.0. The affected element is an unknown function of the file /profilefriends.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been made public and...

CVE-2025-13279

CVE-2025-13279 affects Nero Social Networking Site 1.0. The vulnerability is in profilefriends.php, where manipulating the ID parameter enables SQL injection due to lack of input validation. Exploitation can be conducted remotely, and public exploit code exists. Multiple colocated sources confirm...

CVE-2025-13279 code-projects Nero Social Networking Site profilefriends.php sql injection

A vulnerability was found in code-projects Nero Social Networking Site 1.0. The affected element is an unknown function of the file /profilefriends.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been made public and...

CVE-2025-13277 code-projects Nero Social Networking Site friendsphoto.php sql injection

A flaw has been found in code-projects Nero Social Networking Site 1.0. This issue affects some unknown processing of the file /friendsphoto.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...

CVE-2025-13277 code-projects Nero Social Networking Site friendsphoto.php sql injection

A flaw has been found in code-projects Nero Social Networking Site 1.0. This issue affects some unknown processing of the file /friendsphoto.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...

CVE-2025-13245

A vulnerability was identified in code-projects Student Information System 2.0. The impacted element is an unknown function of the file /editprofile.php. Such manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit is publicly available and might be...

CVE-2025-13242

A vulnerability has been found in code-projects Student Information System 2.0. This issue affects some unknown processing of the file /register.php. The manipulation leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be...