3490 matches found
EUVD-2025-36669
A vulnerability was found in code-projects Online Complaint Site 1.0. This issue affects some unknown processing of the file /cms/admin/subcategory.php. This manipulation of the argument category causes SQL injection...
CVE-2025-63622
A vulnerability was found in code-projects Online Complaint Site 1.0. This issue affects some unknown processing of the file /cms/admin/subcategory.php. This manipulation of the argument category causes SQL injection...
CVE-2025-63622
A vulnerability was found in code-projects Online Complaint Site 1.0. This issue affects some unknown processing of the file /cms/admin/subcategory.php. This manipulation of the argument category causes SQL injection...
Code-Projects Online Complaint Site 安全漏洞
Code-Projects Online Complaint Site is an online complaint site for Code-Projects. A security vulnerability exists in Code-Projects Online Complaint Site version 1.0, which stems from incorrect manipulation of the parameter category in the file /cms/admin/subcategory.php, which could lead to a SQ...
PT-2025-44307
Name of the Vulnerable Software and Affected Versions code-projects Online Complaint Site version 1.0 Description A flaw exists in the processing of the file '/cms/admin/subcategory.php' within the software. The issue involves a SQL injection that occurs due to manipulation of the category...
CVE-2025-12334
A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/productadd.php. The manipulation of the argument prodname/proddesc/prodcost results in cross site scripting. It is possible to launch the attack remotely. The exploit has been mad...
CVE-2025-12282
A vulnerability was identified in code-projects Client Details System 1.0. The affected element is an unknown function of the file /admin/manage-users.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used...
CVE-2025-12263
A vulnerability was identified in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /editjudge.php. The manipulation of the argument judgeid leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...
CVE-2025-12378 code-projects Simple Food Ordering System addproduct.php unrestricted upload
A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addproduct.php. Performing manipulation of the argument photo results in unrestricted upload. The attack may be initiated remotely. The exploit has been...
CVE-2025-12335
A vulnerability was determined in code-projects E-Commerce Website 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/supplierupdate.php. This manipulation of the argument suppname/suppaddress causes cross site scripting. The attack can be initiated remotely. The...
CVE-2025-12335
A vulnerability was determined in code-projects E-Commerce Website 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/supplierupdate.php. This manipulation of the argument suppname/suppaddress causes cross site scripting. The attack can be initiated remotely. The...
Code-Projects Simple Food Ordering System 代码问题漏洞
Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System has a file upload vulnerability that stems from the lack of valid validation of uploaded files by the parameter photo in the file /addproduct.php. No details of the vulnerability are available at this time...
CVE-2025-12335
CVE-2025-12335 affects code-projects E-Commerce Website 1.0. The vulnerability resides in /pages/supplier_update.php where unsafely handling the supp_name and supp_address parameters enables cross-site scripting. The issue can be triggered remotely, and the exploit has been publicly disclosed. Mu...
CVE-2025-12335 code-projects E-Commerce Website supplier_update.php cross site scripting
A vulnerability was determined in code-projects E-Commerce Website 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/supplierupdate.php. This manipulation of the argument suppname/suppaddress causes cross site scripting. The attack can be initiated remotely. The...
CVE-2025-12335 code-projects E-Commerce Website supplier_update.php cross site scripting
A vulnerability was determined in code-projects E-Commerce Website 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/supplierupdate.php. This manipulation of the argument suppname/suppaddress causes cross site scripting. The attack can be initiated remotely. The...
CVE-2025-12334
A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/productadd.php. The manipulation of the argument prodname/proddesc/prodcost results in cross site scripting. It is possible to launch the attack remotely. The exploit has been mad...
CVE-2025-12333
A vulnerability has been found in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/supplieradd.php. The manipulation of the argument suppname/suppaddress leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-12333
A vulnerability has been found in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/supplieradd.php. The manipulation of the argument suppname/suppaddress leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-12334
CVE-2025-12334 concerns code-projects E-Commerce Website 1.0. The vulnerability is in the /pages/product_add.php file, where manipulating prod_name, prod_desc, or prod_cost enables cross-site scripting. It can be triggered remotely, and multiple sources indicate the exploit has been made public. ...
CVE-2025-12334 code-projects E-Commerce Website product_add.php cross site scripting
A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/productadd.php. The manipulation of the argument prodname/proddesc/prodcost results in cross site scripting. It is possible to launch the attack remotely. The exploit has been mad...