Code-Projects Simple Photo Gallery 安全漏洞

Code-Projects Simple Photo Gallery is a simple photo gallery system from Code-Projects open source. A security vulnerability exists in Code-Projects Simple Photo Gallery version 1.0, which stems from an unlimited upload due to incorrect manipulation of the parameter fileimg in file/upload-photo.p...

PT-2025-27353 · Unknown · Code-Projects Simple Forum

Name of the Vulnerable Software and Affected Versions: code-projects Simple Forum version 1.0 Description: A critical issue has been discovered, affecting an unknown functionality of the file "/forum1.php". The manipulation of the File argument leads to SQL injection. This issue can be exploited...

PT-2025-27349 · Code Projects · Code-Projects Simple Forum

Name of the Vulnerable Software and Affected Versions: code-projects Simple Forum version 1.0 Description: A critical issue was found in the code, affecting the /forum edit.php file. The manipulation of the iii argument leads to SQL injection. This issue can be exploited remotely. Recommendations...

PT-2025-27375 · Code Projects · Code-Projects Simple Forum

Name of the Vulnerable Software and Affected Versions: code-projects Simple Forum version 1.0 Description: A critical issue has been discovered, affecting the /forum downloadfile.php file. The manipulation of the filename argument leads to path traversal. This issue can be initiated remotely...

PT-2025-27337 · Unknown · Code-Projects Library System

Name of the Vulnerable Software and Affected Versions: code-projects Library System version 1.0 Description: A critical vulnerability was found in the code-projects Library System, affecting an unknown functionality of the file /profile.php. The manipulation of the image argument leads to...

PT-2025-27341 · Code Projects · Code-Projects Product Inventory System

Name of the Vulnerable Software and Affected Versions: code-projects Product Inventory System version 1.0 Description: A critical vulnerability was found in the code-projects Product Inventory System. This issue affects the Login component, specifically the file /index.php. The manipulation of th...

PT-2025-27343 · Code Projects · Code-Projects Product Inventory System

Name of the Vulnerable Software and Affected Versions: code-projects Product Inventory System version 1.0 Description: A critical issue affects the processing of the file "/admin/edit user.php". The manipulation of the ID argument leads to SQL injection. The attack can be initiated remotely...

PT-2025-27345 · Unknown · Code-Projects Simple Forum

Name of the Vulnerable Software and Affected Versions: code-projects Simple Forum version 1.0 Description: A critical vulnerability was found in the code-projects Simple Forum. The issue affects an unknown functionality of the file /signin.php. The manipulation of the User argument leads to SQL...

PT-2025-27352 · Unknown · Code-Projects Simple Forum

Name of the Vulnerable Software and Affected Versions: code-projects Simple Forum version 1.0 Description: A problem was found in an unknown function of the file /forum edit1.php. The manipulation of the argument text leads to cross site scripting. It is possible to launch the attack remotely. Th...

Code-Projects Product Inventory System 注入漏洞

Code-Projects Product Inventory System is a Code-Projects open source product inventory system. Code-Projects Product Inventory System version 1.0 suffers from an injection vulnerability, which stems from an incorrect manipulation of the parameter Username in the file /index.php resulting in SQL...

PT-2025-27344 · Unknown · Code-Projects Simple Photo Gallery

Name of the Vulnerable Software and Affected Versions: code-projects Simple Photo Gallery version 1.0 Description: A critical issue was found in the code-projects Simple Photo Gallery. The problem is related to an unknown function of the file /upload-photo.php. The manipulation of the file img...

PT-2025-27351 · Code Projects · Code-Projects Simple Forum

Name of the Vulnerable Software and Affected Versions: code-projects Simple Forum version 1.0 Description: A critical issue has been found in the processing of the file /forum1.php, allowing unrestricted upload through the manipulation of the File argument. This can be initiated remotely. The...

PT-2025-27348 · Unknown · Code-Projects Simple Forum

Name of the Vulnerable Software and Affected Versions: code-projects Simple Forum version 1.0 Description: A critical issue has been discovered, affecting an unknown part of the file /forum viewfile.php. The manipulation of the Name argument leads to SQL injection. This issue can be exploited...

PT-2025-27335 · Unknown · Code-Projects Library System

Name of the Vulnerable Software and Affected Versions: code-projects Library System version 1.0 Description: A critical issue affects the processing of the file "/student-issue-book.php". The manipulation of the reg argument leads to SQL injection. The attack may be initiated remotely...

CVE-2025-6834 code-projects Inventory Management System editPayment.php sql injection

A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /phpaction/editPayment.php. The manipulation of the argument orderId leads to sql injection. The attack can be initiated remotely. The...

CVE-2025-6828

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /orders.php. The manipulation of the argument i leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-6828

CVE-2025-6828 affects code-projects Inventory Management System 1.0, with SQL injection in /orders.php via the i parameter. Root cause: unsafely handled input in orders.php allows remote attacker to manipulate SQL statements. Multiple sources (NVD, RH) describe it as critical with remote, unauthe...

CVE-2025-6827 code-projects Inventory Management System editOrder.php sql injection

A vulnerability, which was classified as critical, was found in code-projects Inventory Management System 1.0. This affects an unknown part of the file /phpaction/editOrder.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...

CVE-2025-6827

The CVE-2025-6827 entry pertains to code-projects Inventory Management System 1.0. The vulnerability is in /php_action/editOrder.php and is caused by insufficient input filtering, leading to a SQL injection. Impact is described as remote, with high/critical potential across confidentiality, integ...

CVE-2025-6826

The CVE-2025-6826 entry concerns code-projects Payroll Management System 1.0 where the vulnerability resides in /Payroll_Management_System/ajax.php?action=save_department. The root cause is an SQL injection caused by manipulation of the ID parameter, enabling remote exploitation. Public disclosur...