CVE-2025-6902

CVE-2025-6902 affects code-projects Inventory Management System 1.0, specifically the /php_action/editUser.php endpoint where the edituserName parameter enables SQL injection. The vulnerability allows remote exploitation and was disclosed publicly. Multiple sources corroborate an SQL injection or...

CVE-2025-6901

The CVE-2025-6901 entry refers to code-projects Inventory Management System 1.0 with a SQL injection in the userid parameter of the /php_action/removeUser.php endpoint. The vulnerability is remote-exploitable and has publicly disclosed exploits. Connected sources consistently identify the affecte...

CVE-2025-6900

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-book.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclos...

CVE-2025-6900

The CVE-2025-6900 entry affects code-projects Library System 1.0, with the flaw located in /add-book.php where the image parameter allows unrestricted file uploads. This remote, publicly disclosed vulnerability could enable attackers to upload arbitrary files. Several sources (NVD, Red Hat, CNNVD...

CVE-2025-6900 code-projects Library System add-book.php unrestricted upload

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-book.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclos...

CVE-2025-6900 code-projects Library System add-book.php unrestricted upload

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-book.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclos...

CVE-2025-6891

CVE-2025-6891 affects code-projects Inventory Management System 1.0. The vulnerability is a SQL injection driven by manipulating the Username argument in an unknown function within /php_action/createUser.php, and it can be exploited remotely. The exploitation is disclosed publicly in the provided...

CVE-2025-6883

A vulnerability classified as critical was found in code-projects Staff Audit System 1.0. This vulnerability affects unknown code of the file /updateindex.php. The manipulation of the argument updateid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to...

CVE-2025-6884

CVE-2025-6884 affects code-projects Staff Audit System 1.0. The vulnerability lies in the /search_index.php file, where unvalidated input in the Search parameter enables SQL injection. Reported as remote and exploitable, with public disclosure noted in multiple sources; impact is data confidentia...

CVE-2025-6884 code-projects Staff Audit System search_index.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /searchindex.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The exploit has...

CVE-2025-6884 code-projects Staff Audit System search_index.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /searchindex.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The exploit has...

CVE-2025-6883

Staff Audit System 1.0 contains a SQL injection vulnerability in /update_index.php via the updateid parameter. Root cause: unsanitized SQL statements from externally provided updateid. Impact: remote attacker can execute arbitrary SQL, potentially stealing data. Exploitation is publicly disclosed...

PT-2025-27429 · Unknown · Code-Projects Library System

Name of the Vulnerable Software and Affected Versions: code-projects Library System version 1.0 Description: A critical vulnerability has been found in the code-projects Library System, affecting unknown code of the file /add-book.php. The manipulation of the image argument leads to unrestricted...

Code-Projects Movie Ticketing System 注入漏洞

Code-Projects Movie Ticketing System is an open source movie ticketing system from Code-Projects. An injection vulnerability exists in code-projects Movie Ticketing System version 1.0, which originates from SQL injection due to incorrect manipulation of the parameter Date in the file...

PT-2025-27414 · Code Projects · Code-Projects Movie Ticketing System

Name of the Vulnerable Software and Affected Versions: code-projects Movie Ticketing System version 1.0 Description: A critical issue affects the processing of the file "/ticketConfirmation.php". The manipulation of the Date argument leads to SQL injection. The attack may be initiated remotely...

PT-2025-27438 · Unknown · Code-Projects Car Rental System

Name of the Vulnerable Software and Affected Versions: code-projects Car Rental System version 1.0 Description: A critical issue has been found in the system, affecting the processing of the file "/signup.php". The manipulation of the fname argument leads to SQL injection. The attack can be...

PT-2025-27432 · Code Projects · Code-Projects Inventory Management System

Name of the Vulnerable Software and Affected Versions: code-projects Inventory Management System version 1.0 Description: A critical issue affects the processing of the file /php action/removeUser.php. The manipulation of the userid argument leads to SQL injection. The attack can be initiated...

PT-2025-27435 · Unknown · Code-Projects Car Rental System

Name of the Vulnerable Software and Affected Versions: code-projects Car Rental System version 1.0 Description: A critical vulnerability was found in the code-projects Car Rental System, affecting an unknown functionality of the file /admin/approve.php. The manipulation of the ID argument leads t...

PT-2025-27415 · Code Projects · Code-Projects Inventory Management System

Name of the Vulnerable Software and Affected Versions: code-projects Inventory Management System version 1.0 Description: A critical issue has been discovered, allowing for SQL injection through the manipulation of the Username argument in an unknown function of the file /php action/createUser.ph...

Code-Projects Movie Ticketing System 注入漏洞

Code-Projects Movie Ticketing System is Code-Projects open source movie ticketing system. Code-Projects Movie Ticketing System version 1.0 suffers from an injection vulnerability that originates from a SQL injection due to a misuse of the parameter postName in the file /logIn.php...