CVE-2026-6166

CVE-2026-6166 affects code-projects Vehicle Showroom Management System 1.0. The vulnerability is in the file /util/UpdateVehicleFunction.php where manipulation of the argument VEHICLE_ID leads to SQL injection . It can be triggered remotely and the exploit has been publicly disclosed. Connected d...

CVE-2026-6166 code-projects Vehicle Showroom Management System UpdateVehicleFunction.php sql injection

A security vulnerability has been detected in code-projects Vehicle Showroom Management System 1.0. This issue affects some unknown processing of the file /util/UpdateVehicleFunction.php. The manipulation of the argument VEHICLEID leads to sql injection. The attack may be initiated remotely. The...

CVE-2026-6164

Code-projects Lost and Found Thing Management 1.0 contains a SQL injection in an unknown area of /addcat.php via the cata argument. This vulnerability can be triggered remotely and is substantiated by public exploit activity. The CVE-2026-6164 details, as tracked by NVD and CVE records, show a ne...

CVE-2026-6164 code-projects Lost and Found Thing Management addcat.php sql injection

A security flaw has been discovered in code-projects Lost and Found Thing Management 1.0. This affects an unknown part of the file /addcat.php. Performing a manipulation of the argument cata results in sql injection. The attack can be initiated remotely. The exploit has been released to the publi...

CVE-2026-6163

CVE-2026-6163 : In code-projects Lost and Found Thing Management 1.0, manipulation of the argument cat in /catageory.php enables SQL injection via an unsanitized input parameter. The issue is exploitable remotely and the exploit is publicly available. The CVSS metrics in the connected documents i...

CVE-2026-6163 code-projects Lost and Found Thing Management catageory.php sql injection

A vulnerability was identified in code-projects Lost and Found Thing Management 1.0. Affected by this issue is some unknown functionality of the file /catageory.php. Such manipulation of the argument cat leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly...

CVE-2026-6163 code-projects Lost and Found Thing Management catageory.php sql injection

A vulnerability was identified in code-projects Lost and Found Thing Management 1.0. Affected by this issue is some unknown functionality of the file /catageory.php. Such manipulation of the argument cat leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly...

CVE-2026-6161 code-projects Simple ChatBox Endpoint insert.php sql injection

A vulnerability was determined in code-projects Simple ChatBox up to 1.0. This affects an unknown part of the file /chatbox/insert.php of the component Endpoint. Executing a manipulation of the argument msg can lead to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2026-6161 code-projects Simple ChatBox Endpoint insert.php sql injection

A vulnerability was determined in code-projects Simple ChatBox up to 1.0. This affects an unknown part of the file /chatbox/insert.php of the component Endpoint. Executing a manipulation of the argument msg can lead to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2026-6160 code-projects Simple ChatBox Endpoint chatbox.sql SimpleChatbox_PHP file information disclosure

A vulnerability was found in code-projects Simple ChatBox 1.0. Affected by this issue is the function SimpleChatboxPHP of the file chatbox.sql of the component Endpoint. Performing a manipulation results in file and directory information exposure. It is possible to initiate the attack remotely. T...

CVE-2026-6160 code-projects Simple ChatBox Endpoint chatbox.sql SimpleChatbox_PHP file information disclosure

A vulnerability was found in code-projects Simple ChatBox 1.0. Affected by this issue is the function SimpleChatboxPHP of the file chatbox.sql of the component Endpoint. Performing a manipulation results in file and directory information exposure. It is possible to initiate the attack remotely. T...

CVE-2026-6159 code-projects Simple ChatBox Endpoint insert.php cross site scripting

A vulnerability has been found in code-projects Simple ChatBox up to 1.0. Affected by this vulnerability is an unknown functionality of the file /chatbox/insert.php of the component Endpoint. Such manipulation of the argument msg leads to cross site scripting. The attack may be performed from...

CVE-2026-6159 code-projects Simple ChatBox Endpoint insert.php cross site scripting

A vulnerability has been found in code-projects Simple ChatBox up to 1.0. Affected by this vulnerability is an unknown functionality of the file /chatbox/insert.php of the component Endpoint. Such manipulation of the argument msg leads to cross site scripting. The attack may be performed from...

EUVD-2026-21780

A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of the argument CUSTOMERID results in sql injection. It is possible to launch the attack remotely. The exploit h...

CVE-2026-6153

The vulnerability CVE-2026-6153 affects code-projects Vehicle Showroom Management System 1.0. The flaw resides in the unknown function in /util/StaffDetailsFunction.php, where manipulation of the STAFF_ID parameter enables an SQL injection. The issue is exploitable remotely, and publicly availabl...

CVE-2026-6151 code-projects Vehicle Showroom Management System PaymentStatusFunction.php sql injection

A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of the argument CUSTOMERID results in sql injection. It is possible to launch the attack remotely. The exploit h...

CVE-2026-6151 code-projects Vehicle Showroom Management System PaymentStatusFunction.php sql injection

A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of the argument CUSTOMERID results in sql injection. It is possible to launch the attack remotely. The exploit h...

CVE-2026-6150 code-projects Simple Laundry System checkupdatestatus.php cross site scripting

A vulnerability has been found in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /checkupdatestatus.php. The manipulation of the argument serviceId leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to t...

CVE-2026-6150 code-projects Simple Laundry System checkupdatestatus.php cross site scripting

A vulnerability has been found in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /checkupdatestatus.php. The manipulation of the argument serviceId leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to t...

CVE-2026-6148

The CVE-2026-6148 entry concerns code-projects Vehicle Showroom Management System 1.0. The vulnerability affects the file /util/MonthTotalReportUpdateFunction.php where manipulation of the BRANCH_ID argument enables a SQL injection. This is described as exploitable remotely, with the exploit publ...