CVE-2025-14663

The CVE-2025-14663 entry relates to code-projects' Student File Management System 1.0 and an XSS vulnerability in the /admin/update_student.php endpoint. The connected CNVD/NVD entries corroborate a cross-site scripting flaw arising from insufficient input filtering/escaping of user-supplied data...

CVE-2025-14663 code-projects Student File Management System update_student.php cross site scripting

A vulnerability was determined in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/updatestudent.php. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed a...

CVE-2025-14662 code-projects Student File Management System Update User update_user.php cross site scripting

A vulnerability was found in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/updateuser.php of the component Update User Page. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The exploit has been made...

CVE-2025-14662

code-projects Student File Management System 1.0 is affected by a Cross-Site Scripting (XSS) vulnerability in the Update User Page, specifically /admin/update_user.php. The flaw arises from an improper handling/manipulation of input, enabling remote attackers to trigger XSS. Multiple connected so...

CVE-2025-14662 code-projects Student File Management System Update User update_user.php cross site scripting

A vulnerability was found in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/updateuser.php of the component Update User Page. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The exploit has been made...

CVE-2025-14647 code-projects Computer Book Store admin_delete.php sql injection

A weakness has been identified in code-projects Computer Book Store 1.0. Affected is an unknown function of the file /admindelete.php. This manipulation of the argument bookisbn causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the public...

CVE-2025-14647 code-projects Computer Book Store admin_delete.php sql injection

A weakness has been identified in code-projects Computer Book Store 1.0. Affected is an unknown function of the file /admindelete.php. This manipulation of the argument bookisbn causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the public...

CVE-2025-14647

CVE-2025-14647 affects Code-Projects Computer Book Store 1.0. The vulnerability is an SQL injection in the file /admin_delete.php, caused by manipulating the bookisbn parameter in an unknown function. The issue can be exploited remotely and is documented as having public exploits. Various sources...

CVE-2025-14646 code-projects Student File Management System delete_student.php sql injection

A security flaw has been discovered in code-projects Student File Management System 1.0. This impacts an unknown function of the file /admin/deletestudent.php. The manipulation of the argument studid results in sql injection. The attack may be performed from remote. The exploit has been released ...

CVE-2025-14646

The CVE-2025-14646 entry describes a SQL injection in code-projects Student File Management System 1.0, triggered by manipulating the stud_id parameter in /admin/delete_student.php. Connected documents (CNVD-2026-00828, RH:CVE-2025-14646, CNNVD-202512-2597, VULNRICHMENT/CVE-2025-14646, PT-2025-51...

CVE-2025-14646 code-projects Student File Management System delete_student.php sql injection

A security flaw has been discovered in code-projects Student File Management System 1.0. This impacts an unknown function of the file /admin/deletestudent.php. The manipulation of the argument studid results in sql injection. The attack may be performed from remote. The exploit has been released ...

CVE-2025-14645 code-projects Student File Management System delete_user.php sql injection

A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown function of the file /admin/deleteuser.php. The manipulation of the argument userid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly...

CVE-2025-14645

CVE-2025-14645 affects code-projects Student File Management System 1.0. The vulnerability resides in the /admin/delete_user.php function where manipulating the user_id parameter allows SQL injection. Several connected sources confirm remote exploitation with a publicly available exploit, and mul...

EUVD-2025-203277

A vulnerability has been found in code-projects Computer Laboratory System 1.0. Impacted is an unknown function of the file technicalstaffpic.php. Such manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the publi...

EUVD-2025-203276

A flaw has been found in code-projects Computer Laboratory System 1.0. This issue affects some unknown processing of the file admin/adminpic.php. This manipulation of the argument image causes unrestricted upload. The attack may be initiated remotely. The exploit has been published and may be use...

CVE-2025-14642

A vulnerability has been found in code-projects Computer Laboratory System 1.0. Impacted is an unknown function of the file technicalstaffpic.php. Such manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the publi...

CVE-2025-14641

A flaw has been found in code-projects Computer Laboratory System 1.0. This issue affects some unknown processing of the file admin/adminpic.php. This manipulation of the argument image causes unrestricted upload. The attack may be initiated remotely. The exploit has been published and may be use...

CVE-2025-14643 code-projects Simple Attendance Record System check.php sql injection

A vulnerability was found in code-projects Simple Attendance Record System 2.0. The affected element is an unknown function of the file /check.php. Performing manipulation of the argument student results in sql injection. Remote exploitation of the attack is possible. The exploit has been made...

CVE-2025-14643 code-projects Simple Attendance Record System check.php sql injection

A vulnerability was found in code-projects Simple Attendance Record System 2.0. The affected element is an unknown function of the file /check.php. Performing manipulation of the argument student results in sql injection. Remote exploitation of the attack is possible. The exploit has been made...

CVE-2025-14642 code-projects Computer Laboratory System technical_staff_pic.php unrestricted upload

A vulnerability has been found in code-projects Computer Laboratory System 1.0. Impacted is an unknown function of the file technicalstaffpic.php. Such manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the publi...