CVE-2026-0592 code-projects Online Product Reservation System User Registration register_code.php sql injection

A security flaw has been discovered in code-projects Online Product Reservation System 1.0. This affects an unknown function of the file /handgunner-administrator/registercode.php of the component User Registration Handler. Performing a manipulation of the argument...

CVE-2026-0592 code-projects Online Product Reservation System User Registration register_code.php sql injection

A security flaw has been discovered in code-projects Online Product Reservation System 1.0. This affects an unknown function of the file /handgunner-administrator/registercode.php of the component User Registration Handler. Performing a manipulation of the argument...

CVE-2026-0589

A vulnerability was found in code-projects Online Product Reservation System 1.0. Impacted is an unknown function of the component Administration Backend. The manipulation results in improper authentication. The attack may be performed from remote. The exploit has been made public and could be us...

CVE-2026-0591

Code-projects Online Product Reservation System 1.0 contains a SQL injection vulnerability in the Cart Update Handler, specifically in the /app/checkout/update.php file’s unknown function. Manipulating the id/qty parameter can trigger the injection, enabling remote exploitation. Public exploit/Po...

CVE-2026-0591 code-projects Online Product Reservation System Cart Update update.php sql injection

A vulnerability was identified in code-projects Online Product Reservation System 1.0. The impacted element is an unknown function of the file /app/checkout/update.php of the component Cart Update Handler. Such manipulation of the argument id/qty leads to sql injection. It is possible to launch t...

CVE-2026-0591 code-projects Online Product Reservation System Cart Update update.php sql injection

A vulnerability was identified in code-projects Online Product Reservation System 1.0. The impacted element is an unknown function of the file /app/checkout/update.php of the component Cart Update Handler. Such manipulation of the argument id/qty leads to sql injection. It is possible to launch t...

CVE-2026-0590 code-projects Online Product Reservation System POST Parameter delete.php sql injection

A vulnerability was determined in code-projects Online Product Reservation System 1.0. The affected element is an unknown function of the file /app/checkout/delete.php of the component POST Parameter Handler. This manipulation of the argument ID causes sql injection. It is possible to initiate th...

CVE-2026-0590 code-projects Online Product Reservation System POST Parameter delete.php sql injection

A vulnerability was determined in code-projects Online Product Reservation System 1.0. The affected element is an unknown function of the file /app/checkout/delete.php of the component POST Parameter Handler. This manipulation of the argument ID causes sql injection. It is possible to initiate th...

CVE-2026-0590

Code-projects Online Product Reservation System 1.0 is affected in /app/checkout/delete.php where the POST Parameter Handler manipulates the ID argument, causing SQL injection. The vulnerability is exploitable remotely and exploits have been publicly disclosed. Remediation guidance from connected...

CVE-2026-0589

The CVE-2026-0589 entry concerns code-projects Online Product Reservation System 1.0, specifically the Administration Backend. The documented issue is improper authentication within an unknown function of the Admin Backend that can be triggered remotely. Public exploit information exists, with ex...

CVE-2026-0589 code-projects Online Product Reservation System Administration Backend improper authentication

A vulnerability was found in code-projects Online Product Reservation System 1.0. Impacted is an unknown function of the component Administration Backend. The manipulation results in improper authentication. The attack may be performed from remote. The exploit has been made public and could be us...

CVE-2026-0589 code-projects Online Product Reservation System Administration Backend improper authentication

A vulnerability was found in code-projects Online Product Reservation System 1.0. Impacted is an unknown function of the component Administration Backend. The manipulation results in improper authentication. The attack may be performed from remote. The exploit has been made public and could be us...

CVE-2026-0586

CVE-2026-0586 affects code-projects Online Product Reservation System 1.0. The vulnerability is in file handgunner-administrator/prod.php, in an unknown function, where manipulating the cat argument enables cross-site scripting. The attack is remote andthe exploit is public. Documented impact is ...

CVE-2026-0586 code-projects Online Product Reservation System prod.php cross site scripting

A vulnerability was detected in code-projects Online Product Reservation System 1.0. The affected element is an unknown function of the file handgunner-administrator/prod.php. Performing a manipulation of the argument cat results in cross site scripting. The attack is possible to be carried out...

CVE-2026-0586 code-projects Online Product Reservation System prod.php cross site scripting

A vulnerability was detected in code-projects Online Product Reservation System 1.0. The affected element is an unknown function of the file handgunner-administrator/prod.php. Performing a manipulation of the argument cat results in cross site scripting. The attack is possible to be carried out...

CVE-2026-0584

A weakness has been identified in code-projects Online Product Reservation System 1.0. This issue affects some unknown processing of the file app/products/leftcart.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been...

CVE-2026-0585 code-projects Online Product Reservation System GET Parameter order_view.php sql injection

A security vulnerability has been detected in code-projects Online Product Reservation System 1.0. Impacted is an unknown function of the file /orderview.php of the component GET Parameter Handler. Such manipulation of the argument transactionid leads to sql injection. The attack can be executed...

CVE-2026-0585 code-projects Online Product Reservation System GET Parameter order_view.php sql injection

A security vulnerability has been detected in code-projects Online Product Reservation System 1.0. Impacted is an unknown function of the file /orderview.php of the component GET Parameter Handler. Such manipulation of the argument transactionid leads to sql injection. The attack can be executed...

CVE-2026-0585

The CVE-2026-0585 entry concerns code-projects Online Product Reservation System 1.0. It identifies a vulnerability in the GET Parameter Handler, specifically manipulating the transaction_id argument in /order_view.php to trigger SQL injection. The flaw is exploitable remotely and has publicly di...

CVE-2026-0584

CVE-2026-0584 affects code-projects Online Product Reservation System 1.0. The vulnerability resides in the file app/products/left_cart.php where improper handling of the ID parameter enables SQL injection. This allows remote exploitation; multiple sources indicate the exploit is publicly availab...