CVE-2025-10104

The CVE-2025-10104 entry concerns code-projects Online Event Judging System 1.0. Affected is the /review_search.php component where the txtsearch parameter can be manipulated to perform SQL injection. The vulnerability enables remote exploitation, and multiple sources note that the exploit has be...

CVE-2025-10104 code-projects Online Event Judging System review_search.php sql injection

A security vulnerability has been detected in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /reviewsearch.php. The manipulation of the argument txtsearch leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-10104 code-projects Online Event Judging System review_search.php sql injection

A security vulnerability has been detected in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /reviewsearch.php. The manipulation of the argument txtsearch leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-10102

A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown function of the file /index.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has been release...

CVE-2025-10103

CVE-2025-10103 affects code-projects Online Event Judging System 1.0. The vulnerability is a SQL injection in the /home.php file caused by manipulation of the main_event argument, potentially exploitable remotely. Multiple connected sources confirm this issue and note that the exploit has been pu...

CVE-2025-10102

The CVE-2025-10102 entry concerns code-projects Online Event Judging System 1.0. The vulnerability is a SQL injection in the /index.php file caused by manipulating the Username parameter; it is exploitable remotely and the exploit has been publicly released. Multiple connected sources corroborate...

CVE-2025-10102 code-projects Online Event Judging System index.php sql injection

A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown function of the file /index.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has been release...

CVE-2025-10102 code-projects Online Event Judging System index.php sql injection

A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown function of the file /index.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has been release...

Code-Projects Online Event Judging System 安全漏洞

Code-Projects Online Event Judging System is an open source online event judging system from Code-Projects. A security vulnerability exists in code-projects Online Event Judging System version 1.0, which stems from a SQL injection due to incorrect manipulation of the mainevent parameter...

CVE-2025-9929 code-projects Responsive Blog Site blogs_view.php cross site scripting

A weakness has been identified in code-projects Responsive Blog Site 1.0. This affects an unknown function of the file blogsview.php. Executing manipulation of the argument productcode/genname/productname/supplier can lead to cross site scripting. It is possible to launch the attack remotely. The...

CVE-2025-9929

The CVE-2025-9929 entry concerns Code-Projects Responsive Blog Site 1.0. A vulnerability in blogs_view.php arises from improper manipulation of the parameters product_code, gen_name, product_name, and supplier, enabling cross-site scripting. The issue appears exploitable remotely and an exploit h...

CVE-2025-9929 code-projects Responsive Blog Site blogs_view.php cross site scripting

A weakness has been identified in code-projects Responsive Blog Site 1.0. This affects an unknown function of the file blogsview.php. Executing manipulation of the argument productcode/genname/productname/supplier can lead to cross site scripting. It is possible to launch the attack remotely. The...

CVE-2025-9921 code-projects POS Pharmacy System products.php cross site scripting

A weakness has been identified in code-projects POS Pharmacy System 1.0. Affected is an unknown function of the file /main/products.php. This manipulation of the argument productcode/genname/productname/supplier causes cross site scripting. The attack can be initiated remotely. The exploit has be...

CVE-2025-9921

CVE-2025-9921 affects Code-projects POS Pharmacy System 1.0. The vulnerability is a cross-site scripting (XSS) flaw in an unknown function of the file /main/products.php, triggered by manipulating one or more arguments—product_code, gen_name, product_name, or supplier. The issue can be exploited ...

Code-Projects POS Pharmacy System 安全漏洞

Code-Projects POS Pharmacy System is a pos pharmacy system from Code-Projects open source. A security vulnerability exists in Code-Projects POS Pharmacy System version 1.0, which originates from a cross-site scripting attack due to incorrect manipulation of the parameters...

CVE-2025-9841 code-projects Mobile Shop Management System AddNewProduct.php unrestricted upload

A security vulnerability has been detected in code-projects Mobile Shop Management System 1.0. This affects an unknown function of the file AddNewProduct.php. The manipulation of the argument ProductImage leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit...

CVE-2025-9741

A vulnerability was determined in code-projects Human Resource Integrated System 1.0. This vulnerability affects unknown code of the file /loginquery12.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

CVE-2025-9741

A vulnerability was determined in code-projects Human Resource Integrated System 1.0. This vulnerability affects unknown code of the file /loginquery12.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

CVE-2025-9742 code-projects Human Resource Integrated System login.php sql injection

A vulnerability was identified in code-projects Human Resource Integrated System 1.0. This issue affects some unknown processing of the file /login.php. Such manipulation of the argument user/pass leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly...

CVE-2025-9742

CVE-2025-9742 affects code-projects' Human Resource Integrated System 1.0. The vulnerability arises from improper handling of the login.php input, where manipulation of the user/pass parameters enables SQL injection. Impact stated in sources includes potential remote exploitation and data exposur...