3482 matches found
EUVD-2026-25774
A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/sendmessage.php of the component Chat Interface. The manipulation of the argument msg results in cross site scripting. The attack may be launched remotely. The exploit is now public...
CVE-2026-7090 code-projects Chat System send_message.php cross site scripting
A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/sendmessage.php of the component Chat Interface. The manipulation of the argument msg results in cross site scripting. The attack may be launched remotely. The exploit is now public...
CVE-2026-7090
CVE-2026-7090 affects code-projects Chat System 1.0 via /admin/send_message.php: the msg parameter is vulnerable to cross-site scripting. The issue arises from improper handling of the argument, enabling remote exploitation with a public exploit. No remediation details are provided in the availab...
CVE-2026-7089
CVE-2026-7089 affects code-projects Home Service System 1.0. The vulnerability targets the Appointment Booking component, specifically the /booking.php file, where manipulation of the fname/lname parameters enables cross-site scripting. The description notes remote initiation and publicly disclos...
CVE-2026-7089 code-projects Home Service System Appointment Booking booking.php cross site scripting
A security vulnerability has been detected in code-projects Home Service System 1.0. The impacted element is an unknown function of the file /booking.php of the component Appointment Booking. The manipulation of the argument fname/lname leads to cross site scripting. The attack may be initiated...
CVE-2026-7089 code-projects Home Service System Appointment Booking booking.php cross site scripting
A security vulnerability has been detected in code-projects Home Service System 1.0. The impacted element is an unknown function of the file /booking.php of the component Appointment Booking. The manipulation of the argument fname/lname leads to cross site scripting. The attack may be initiated...
CVE-2026-7070 code-projects Inventory Management System Login sql injection
A weakness has been identified in code-projects Inventory Management System 1.0. Affected is an unknown function of the component Login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the...
Code-Projects Employee Management System 注入漏洞
Code-Projects Employee Management System is an open-source employee management system developed by Code-Projects. Version 1.0 of the Code-Projects Employee Management System has a SQL injection vulnerability. This vulnerability arises from unknown code in the 370project/delete.php file, which...
Code-Projects Invoice System in Laravel 跨站请求伪造漏洞
Code-Projects Invoice System in Laravel is an open-source invoice system developed by Code-Projects. Version 1.0 of the Code-Projects Invoice System in Laravel contained a cross-site request forgeing vulnerability. This vulnerability was caused by an unknown function that allowed cross-site reque...
Code-Projects Invoice System in Laravel 安全漏洞
Code-Projects Invoice System in Laravel is an open-source invoice system developed by Code-Projects. Version 1.0 of the Code-Projects Invoice System in Laravel contained a security vulnerability. This vulnerability stemmed from improper handling of the /user file in the User Management Handler...
Code-Projects Invoice System in Laravel 安全漏洞
Code-Projects Invoice System in Laravel is an open-source invoice system developed by Code-Projects. Version 1.0 of the Code-Projects Invoice System in Laravel contained a security vulnerability. This vulnerability stemmed from improper handling of parameter IDs in the Invoice Endpoint component’...
PT-2026-35381
A security vulnerability has been detected in code-projects Invoice System in Laravel 1.0. This affects an unknown function. Such manipulation leads to cross-site request forgery. The attack may be performed from remote. The exploit has been disclosed publicly and may be used...
Code-Projects Online Lot Reservation System 注入漏洞
Code-Projects Online Lot Reservation System is an open-source online reservation system developed by Code-Projects. Versions of the Code-Projects Online Lot Reservation System prior to 1.0 contained a SQL injection vulnerability, which stemmed from the handling of parameters email/password in the...
Code-Projects Online Lot Reservation System 访问控制错误漏洞
The Code-Projects Online Lot Reservation System is an open-source online reservation system developed by Code-Projects. Version 1.0 of the system has a vulnerability related to access control. This vulnerability stems from the handling of the image parameter in the edithousepic.php file, which ma...
Code-Projects Inventory Management System 注入漏洞
The Code-Projects Inventory Management System is an open-source inventory management system developed by Code-Projects. Version 1.0 of the Code-Projects Inventory Management System has a vulnerability related to injection attacks. This vulnerability stems from the handling of the Username paramet...
Code-Projects Invoice System in Laravel 安全漏洞
Code-Projects Invoice System in Laravel is an open-source invoice system developed by Code-Projects. Version 1.0 of the Code-Projects Invoice System in Laravel contained a security vulnerability. This vulnerability stemmed from an unknown function in the API Endpoint component, specifically the...
Code-Projects Invoice System in Laravel 访问控制错误漏洞
Code-Projects Invoice System in Laravel is an open-source invoice system developed by Code-Projects. Version 1.0 of the Code-Projects Invoice System in Laravel contained a access control vulnerability. This vulnerability was caused by an unknown function in the /company file, which allowed...
Code-Projects Online Lot Reservation System 路径遍历漏洞
The Code-Projects Online Lot Reservation System is an open-source online reservation system developed by Code-Projects. Versions of the system prior to 1.0 contained a path traversal vulnerability. This vulnerability stemmed from the readfile function in the file/download.php, which handled the...
Code-Projects Employee Management System 注入漏洞
Code-Projects Employee Management System is an open-source employee management system developed by Code-Projects. Version 1.0 of the Code-Projects Employee Management System has a SQL injection vulnerability. This vulnerability arises from the operation of an unknown function in the...
PT-2026-35447
A vulnerability was identified in code-projects Online Lot Reservation System 1.0. Affected is an unknown function of the file /edithousepic.php. Such manipulation of the argument image leads to unrestricted upload. The attack can be launched remotely. The exploit is publicly available and might ...