3482 matches found
CVE-2024-4972
The CVE-2024-4972 entry concerns code-projects Simple Chat System 1.0. Affected component: login.php, where manipulating the email/password parameters enables SQL injection. This vulnerability is exploitable remotely, and public disclosures exist. Connected documents identify the affected product...
PT-2024-33660 · Unknown · Code-Projects Simple Chat System
Name of the Vulnerable Software and Affected Versions: code-projects Simple Chat System version 1.0 Description: A problematic issue was found in the code-projects Simple Chat System, affecting an unknown function of the file /register.php. The manipulation of the name argument leads to cross-sit...
CVE-2024-34954
Code-projects Budget Management 1.0 is vulnerable to Cross Site Scripting XSS via the budget parameter...
CVE-2024-34954
Code-projects Budget Management 1.0 is vulnerable to Cross Site Scripting XSS via the budget parameter...
CVE-2024-34955
Code-projects Budget Management 1.0 is vulnerable to SQL Injection via the delete parameter...
CVE-2024-34955
Code-projects Budget Management 1.0 is vulnerable to SQL Injection via the delete parameter...
CVE-2024-34955
CVE-2024-34955 affects Code-projects Budget Management 1.0. The vulnerability is SQL Injection via the delete parameter in the application, with a CVSS v3.1 base score of 9.8 (Critical); impact on confidentiality, integrity, and availability is High. Exploitation is possible without authenticatio...
CVE-2024-34955
Code-projects Budget Management 1.0 is vulnerable to SQL Injection via the delete parameter...
CVE-2024-34954
Code-projects Budget Management 1.0 is vulnerable to Cross Site Scripting XSS via the budget parameter...
CVE-2024-34954
CVE-2024-34954 affects Code-projects Budget Management 1.0. The vulnerability is Cross Site Scripting (XSS) exploitable via the budget parameter. According to the CVE, the base CVSS v3.1 score is 6.1 (Medium): Network attack vector, no privileges, user interaction required, with confidentiality/i...
PT-2024-26269 · Unknown · Code-Projects Budget Management
Name of the Vulnerable Software and Affected Versions: Code-projects Budget Management version 1.0 Description: The issue concerns Cross Site Scripting XSS via the budget parameter. This allows for potential malicious script injection, affecting the security of the application. Recommendations: F...
PT-2024-26270 · Unknown · Code-Projects Budget Management
Name of the Vulnerable Software and Affected Versions: Code-projects Budget Management version 1.0 Description: The issue is related to SQL Injection, which occurs via the delete parameter. This allows for potential manipulation of database queries. Recommendations: For Code-projects Budget...
CVE-2024-28279
Code-projects Computer Book Store 1.0 is vulnerable to SQL Injection via book.php?bookisbn=...
College Management System SQL注入漏洞
College Management System is a simple project organized by Code Projects. It is used to keep track of students, teachers, subjects, schedules and all things related to the university. An SQL injection vulnerability exists in College Management System version 1.0, which stems from an SQL injection...
CVE-2024-28279
Code-projects Computer Book Store 1.0 is vulnerable to SQL Injection via book.php?bookisbn=...
CVE-2024-28279
CVE-2024-28279 affects Code-projects Computer Book Store 1.0. The vulnerability is an SQL Injection exploitable via the endpoint book.php?bookisbn=, enabling remote manipulation. Several connected sources confirm the issue and indicate high risk (CVSS v3.1: 7.3, HIGH). Remediation/immediate actio...
PT-2024-22377 · Unknown · Code-Projects Computer Book Store
Name of the Vulnerable Software and Affected Versions: Code-projects Computer Book Store version 1.0 Description: The issue allows for SQL Injection, which can be exploited via the "book.php?bookisbn=" endpoint. An attacker can manipulate this endpoint remotely. It is estimated that a significant...
CVE-2024-31610
File Upload vulnerability in the function for employees to upload avatars in Code-Projects Simple School Management System v1.0 allows attackers to run arbitrary code via upload of crafted file...
CVE-2024-31610
File Upload vulnerability in the function for employees to upload avatars in Code-Projects Simple School Management System v1.0 allows attackers to run arbitrary code via upload of crafted file...
Code-Projects Simple School Management System 安全漏洞
Code-Projects Simple School Management System is an open source school management system from Code-Projects. A security vulnerability exists in Code-Projects Simple School Management System v1.0, which originates from a file upload vulnerability in the upload avatars feature. An attacker can...