CVE-2025-12262

Vulnerability summary (CVE-2025-12262) : The code-projects Online Event Judging System 1.0 is affected. The SQL injection originates from unsafely handling the parameter crit_id in the file /edit_criteria.php , enabling remote exploitation. Multiple connected sources (CNVD/CNNVD/Red Hat advisory ...

CVE-2025-12256 code-projects Online Event Judging System edit_contestant.php sql injection

A weakness has been identified in code-projects Online Event Judging System 1.0. This vulnerability affects unknown code of the file /editcontestant.php. Executing manipulation of the argument contestantid can lead to sql injection. The attack can be executed remotely. The exploit has been made...

CVE-2025-12255

CVE-2025-12255 affects code-projects Online Event Judging System 1.0. A SQL injection flaw originates from the lack of validation of the fullname parameter in /add_contestant.php. The vulnerability allows remote execution of arbitrary SQL commands and may lead to data theft or modification; an ex...

CVE-2025-12255 code-projects Online Event Judging System add_contestant.php sql injection

A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown part of the file /addcontestant.php. Performing manipulation of the argument fullname results in sql injection. Remote exploitation of the attack is possible. The exploit has been release...

CVE-2025-12254

The CVE-2025-12254 entry concerns code-projects Online Event Judging System 1.0, with a SQL injection vulnerability in the add_judge.php handler caused by unsanitized input through the fullname parameter. Multiple connected sources describe this flaw as allowing remote exploitation to execute arb...

CVE-2025-12254 code-projects Online Event Judging System add_judge.php sql injection

A vulnerability was identified in code-projects Online Event Judging System 1.0. Affected by this issue is some unknown functionality of the file /addjudge.php. Such manipulation of the argument fullname leads to sql injection. The attack may be launched remotely. The exploit is publicly availabl...

CVE-2025-12254 code-projects Online Event Judging System add_judge.php sql injection

A vulnerability was identified in code-projects Online Event Judging System 1.0. Affected by this issue is some unknown functionality of the file /addjudge.php. Such manipulation of the argument fullname leads to sql injection. The attack may be launched remotely. The exploit is publicly availabl...

CVE-2025-12252

Summary: Multiple sources confirm a SQL injection in Code-Projects Online Event Judging System 1.0, arising from /ajax/action.php via manipulation of the content parameter. This is an externally exploitable, remote flaw with public exploit presence. Concrete details across CNVD-2025-26165, RH-CVE...

CVE-2025-12252 code-projects Online Event Judging System action.php sql injection

A vulnerability was found in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /ajax/action.php. The manipulation of the argument content results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2025-12252 code-projects Online Event Judging System action.php sql injection

A vulnerability was found in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /ajax/action.php. The manipulation of the argument content results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2025-12244

The CVE-2025-12244 entry affects Code-Projects Simple E-Banking System 1.0. The vulnerable component is the file /eBank/register.php, where manipulation of the Username argument can trigger cross-site scripting. The issue is exploitable remotely and an exploit has been publicly disclosed. While m...

CVE-2025-12244 code-projects Simple E-Banking System register.php cross site scripting

A vulnerability was determined in code-projects Simple E-Banking System 1.0. This affects an unknown part of the file /eBank/register.php. Executing manipulation of the argument Username can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed...

CVE-2025-12243 code-projects Client Details System GET Parameter welcome.php sql injection

A vulnerability was found in code-projects Client Details System 1.0. Affected by this issue is some unknown functionality of the file clientdetails/welcome.php of the component GET Parameter Handler. Performing manipulation of the argument ID results in sql injection. The attack may be initiated...

CVE-2025-12243 code-projects Client Details System GET Parameter welcome.php sql injection

A vulnerability was found in code-projects Client Details System 1.0. Affected by this issue is some unknown functionality of the file clientdetails/welcome.php of the component GET Parameter Handler. Performing manipulation of the argument ID results in sql injection. The attack may be initiated...

CVE-2025-12243

CVE-2025-12243 affects code-projects Client Details System 1.0. The vulnerability is in the GET Parameter Handler, specifically the file clientdetails/welcome.php; manipulating the ID parameter can cause SQL injection. The issue is exploitable remotely, and exploits have been published. Multiple ...

EUVD-2025-36099

A security flaw has been discovered in code-projects Automated Voting System 1.0. The affected element is an unknown function of the file /admin/user.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has...

CVE-2025-12238 code-projects Automated Voting System user.php sql injection

A security flaw has been discovered in code-projects Automated Voting System 1.0. The affected element is an unknown function of the file /admin/user.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has...

CVE-2025-12238

CVE-2025-12238 affects code-projects Automated Voting System 1.0, specifically the /admin/user.php file where manipulation of the Username parameter enables SQL injection. Multiple connected sources confirm remote exploitation potential and public release of the exploit. CNA/VulDB data indicate a...

CVE-2025-12238 code-projects Automated Voting System user.php sql injection

A security flaw has been discovered in code-projects Automated Voting System 1.0. The affected element is an unknown function of the file /admin/user.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has...

PT-2025-43952

Name of the Vulnerable Software and Affected Versions code-projects Client Details System version 1.0 Description A security issue exists in code-projects Client Details System 1.0 related to the processing of the /update-clients.php file. Manipulation of this file can lead to cross site scriptin...