3482 matches found
CVE-2026-2912 code-projects Online Reviewer System studentresult-view.php sql injection
A vulnerability was found in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/students/assessments/results/studentresult-view.php. The manipulation of the argument testid results in sql injection. It is possible to launch the attack remotely. Th...
CVE-2026-2912
CVE-2026-2912 affects code-projects Online Reviewer System v1.0. The vulnerability is in /system/system/students/assessments/results/studentresult-view.php, where manipulating the test_id argument triggers SQL injection. Exploitation is remote, and public exploitation has been reported. Multiple ...
CVE-2026-2912 code-projects Online Reviewer System studentresult-view.php sql injection
A vulnerability was found in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/students/assessments/results/studentresult-view.php. The manipulation of the argument testid results in sql injection. It is possible to launch the attack remotely. Th...
CVE-2026-2706
A flaw has been found in code-projects Patient Record Management System 1.0. This affects an unknown function of the file /fecalysisnot.php. This manipulation of the argument compid causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2026-2706 code-projects Patient Record Management System fecalysis_not.php sql injection
A flaw has been found in code-projects Patient Record Management System 1.0. This affects an unknown function of the file /fecalysisnot.php. This manipulation of the argument compid causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2026-2706 code-projects Patient Record Management System fecalysis_not.php sql injection
A flaw has been found in code-projects Patient Record Management System 1.0. This affects an unknown function of the file /fecalysisnot.php. This manipulation of the argument compid causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...
Code-Projects Patient Record Management System 安全漏洞
The Code-Projects Patient Record Management System is an open-source medical record management system developed by Code-Projects. Version 1.0 of the Code-Projects Patient Record Management System contains a security vulnerability. This vulnerability stems from incorrect handling of the compid...
CVE-2025-70152
code-projects Community Project Scholars Tracking System 1.0 is vulnerable to SQL Injection in the admin user management endpoints /admin/saveuser.php and /admin/updateuser.php. These endpoints lack authentication checks and directly concatenate user-supplied POST parameters firstname, lastname,...
CVE-2026-2224
A vulnerability was detected in code-projects Online Reviewer System 1.0. This affects an unknown part of the file /system/system/admins/manage/users/btnfunctions.php. The manipulation of the argument firstname results in cross site scripting. It is possible to launch the attack remotely. The...
CVE-2026-2214
A weakness has been identified in code-projects for Plugin 1.0. This affects an unknown part of the file /Administrator/PHP/AdminAddAlbum.php. This manipulation of the argument txtalbum causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made availabl...
CVE-2026-2199
A security flaw has been discovered in code-projects Online Reviewer System 1.0. The impacted element is an unknown function of the file /reviewer/system/system/admins/manage/users/user-delete.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated...
CVE-2026-2224
CVE-2026-2224 affects code-projects Online Reviewer System 1.0. The vulnerability is a cross-site scripting (XSS) in the file /system/system/admins/manage/users/btn_functions.php, where manipulating the firstname argument enables a remote attack. Several connected sources confirm the issue and in...
CVE-2026-2224
A vulnerability was detected in code-projects Online Reviewer System 1.0. This affects an unknown part of the file /system/system/admins/manage/users/btnfunctions.php. The manipulation of the argument firstname results in cross site scripting. It is possible to launch the attack remotely. The...
CVE-2026-2224 code-projects Online Reviewer System btn_functions.php cross site scripting
A vulnerability was detected in code-projects Online Reviewer System 1.0. This affects an unknown part of the file /system/system/admins/manage/users/btnfunctions.php. The manipulation of the argument firstname results in cross site scripting. It is possible to launch the attack remotely. The...
CVE-2026-2223 code-projects Online Reviewer System index.php sql injection
A security vulnerability has been detected in code-projects Online Reviewer System 1.0. Affected by this issue is some unknown functionality of the file /system/system/students/assessments/pretest/take/index.php. The manipulation of the argument ID leads to sql injection. It is possible to initia...
CVE-2026-2222
The CVE-2026-2222 entry concerns code-projects Online Reviewer System 1.0. Affected: the file /system/system/admins/manage/users/btn_functions.php. Issue: manipulation of the firstname argument enables cross-site scripting (XSS). The attack can be performed remotely and the exploit is publicly av...
CVE-2026-2222 code-projects Online Reviewer System btn_functions.php cross site scripting
A weakness has been identified in code-projects Online Reviewer System 1.0. Affected by this vulnerability is an unknown functionality of the file /system/system/admins/manage/users/btnfunctions.php. Executing a manipulation of the argument firstname can lead to cross site scripting. The attack m...
CVE-2026-2222 code-projects Online Reviewer System btn_functions.php cross site scripting
A weakness has been identified in code-projects Online Reviewer System 1.0. Affected by this vulnerability is an unknown functionality of the file /system/system/admins/manage/users/btnfunctions.php. Executing a manipulation of the argument firstname can lead to cross site scripting. The attack m...
CVE-2026-2133
A weakness has been identified in code-projects Online Music Site 1.0. Impacted is an unknown function of the file /Administrator/PHP/AdminUpdateCategory.php. This manipulation of the argument txtimage causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has...
CVE-2026-2221
The CVE-2026-2221 entry concerns code-projects Online Reviewer System 1.0, specifically the Login component’s file /login/index.php. The vulnerability is a SQL injection caused by manipulating the Username argument, enabling remote exploitation. Public exploits exist. Impact is described as high ...