3490 matches found
CVE-2025-11613
The CVE-2025-11613 issue affects the Simple Food Ordering System (version 1.0), specifically the /addcategory.php file. Reports consistently identify a SQL injection vulnerability arising from unsafely handling the cname parameter, enabling remote exploitation. Public exploit details are noted in...
CVE-2025-11612
CVE-2025-11612 affects the Simple Food Ordering System 1.0, specifically the /addproduct.php script. The root cause is a lack of validation of the Category parameter, allowing an SQL injection that can be exploited remotely. Public exploit details exist. Several connected sources corroborate the ...
CVE-2025-11612 code-projects Simple Food Ordering System addproduct.php sql injection
A vulnerability has been found in code-projects Simple Food Ordering System 1.0. This impacts an unknown function of the file /addproduct.php. The manipulation of the argument Category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and m...
CVE-2025-11608 code-projects E-Banking System POST Parameter register.php sql injection
A security vulnerability has been detected in code-projects E-Banking System 1.0. This affects an unknown function of the file /register.php of the component POST Parameter Handler. The manipulation of the argument username/password leads to sql injection. It is possible to initiate the attack...
CVE-2025-11608 code-projects E-Banking System POST Parameter register.php sql injection
A security vulnerability has been detected in code-projects E-Banking System 1.0. This affects an unknown function of the file /register.php of the component POST Parameter Handler. The manipulation of the argument username/password leads to sql injection. It is possible to initiate the attack...
CVE-2025-11605
A vulnerability was identified in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/update-profile.php. Such manipulation of the argument uid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...
CVE-2025-11605
The CVE-2025-11605 entry concerns code-projects Client Details System 1.0. The vulnerability is in the file /admin/update-profile.php, where manipulation of the uid parameter leads to an SQL injection. It is exploitable remotely, and the exploit is publicly available. Affected component: /admin/u...
CVE-2025-11605 code-projects Client Details System update-profile.php sql injection
A vulnerability was identified in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/update-profile.php. Such manipulation of the argument uid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...
CVE-2025-11605 code-projects Client Details System update-profile.php sql injection
A vulnerability was identified in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/update-profile.php. Such manipulation of the argument uid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...
CVE-2025-11600 code-projects Simple Food Ordering System editcategory.php sql injection
A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Affected is an unknown function of the file editcategory.php. Such manipulation of the argument cname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...
CVE-2025-11600 code-projects Simple Food Ordering System editcategory.php sql injection
A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Affected is an unknown function of the file editcategory.php. Such manipulation of the argument cname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...
CVE-2025-11600
The CVE-2025-11600 entry corresponds to a SQL injection in code-projects Simple Food Ordering System 1.0, specifically in the editcategory.php file where the cname parameter is not validated. This vulnerability enables remote attackers to manipulate SQL statements via the cname argument, potentia...
CVE-2025-11597
A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/productaddqty.php. The manipulation of the argument prodid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly...
CVE-2025-11597 code-projects E-Commerce Website product_add_qty.php sql injection
A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/productaddqty.php. The manipulation of the argument prodid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly...
CVE-2025-11597
Summary: CVE-2025-11597 affects the code-projects E-Commerce Website 1.0. The vulnerability resides in the file /pages/product_add_qty.php, where the argument prod_id is not validated, leading to SQL injection. Multiple sources corroborate a remote-exploit scenario with publicly available exploit...
CVE-2025-11597 code-projects E-Commerce Website product_add_qty.php sql injection
A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/productaddqty.php. The manipulation of the argument prodid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly...
CVE-2025-11596
A vulnerability was determined in code-projects E-Commerce Website 1.0. The affected element is an unknown function of the file /pages/deleteorderdetails.php. Executing manipulation of the argument orderid can lead to sql injection. The attack can be executed remotely. The exploit has been public...
CVE-2025-11596 code-projects E-Commerce Website delete_order_details.php sql injection
A vulnerability was determined in code-projects E-Commerce Website 1.0. The affected element is an unknown function of the file /pages/deleteorderdetails.php. Executing manipulation of the argument orderid can lead to sql injection. The attack can be executed remotely. The exploit has been public...
CVE-2025-11596 code-projects E-Commerce Website delete_order_details.php sql injection
A vulnerability was determined in code-projects E-Commerce Website 1.0. The affected element is an unknown function of the file /pages/deleteorderdetails.php. Executing manipulation of the argument orderid can lead to sql injection. The attack can be executed remotely. The exploit has been public...
PT-2025-41685
Name of the Vulnerable Software and Affected Versions code-projects E-Commerce Website version 1.0 Description A flaw exists in code-projects E-Commerce Website 1.0 where manipulation of the prod id argument in the file /pages/product add qty.php can lead to SQL injection. This issue is potential...