CVE-2025-14622 code-projects Student File Management System save_user.php sql injection

A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/saveuser.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released...

CVE-2025-14622

Code-projects Student File Management System 1.0 has a SQL injection vulnerability in /admin/save_user.php via the firstname parameter. The issue allows remote exploitation, and public exploits have been released. Multiple connected sources confirm the vulnerability but do not provide a confirmed...

CVE-2025-14621

Summary: CVE-2025-14621 affects Code-Projects’ Student File Management System 1.0. The vulnerability lies in the /admin/update_user.php file where the user_id parameter is not properly validated, enabling SQL injection. Remote exploitation is possible, and an exploit is publicly available. Variou...

CVE-2025-14621 code-projects Student File Management System update_user.php sql injection

A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/updateuser.php. The manipulation of the argument userid leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and...

CVE-2025-14620

CVE-2025-14620 affects code-projects Student File Management System 1.0. The vulnerability resides in the /admin/login_query.php component, where manipulation of the Username parameter enables SQL injection. The issue appears to be exploitable remotely, and publicly disclosed exploit details exis...

CVE-2025-14620 code-projects Student File Management System login_query.php sql injection

A vulnerability was determined in code-projects Student File Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/loginquery.php. Executing manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit h...

CVE-2025-14619

CVE-2025-14619 affects code-projects’ Student File Management System 1.0. The vulnerability is a SQL injection in the login_query.php file, triggered by manipulating the stud_no argument. Exploitation can be remote, and public exploits exist. The affected functionality is described only as unknow...

CVE-2025-14589 code-projects Prison Management System search.php sql injection

A weakness has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php. Executing a manipulation of the argument keyname can lead to sql injection. The attack may be performed from remote. The exploit has been made...

CVE-2025-14589

Summary (CVE-2025-14589) : The “code-projects Prison Management System 2.0” is affected by a SQL injection vulnerability in the file /admin/search.php, triggered by manipulating the parameter keyname . The underlying cause is lack of validation of externally supplied SQL, enabling remote exploita...

Code-Projects Student File Management System SQL注入漏洞

Student File Management System is a student file management system. The Student File Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter firstname in the file /admin/saveuser.php. An...

Code-Projects Prison Management System SQL注入漏洞

Prison Management System is a prison management system. Prison Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter keyname in the file /admin/search1.php. An attacker can exploit this...

code-projects Student File Management System SQL注入漏洞

Student File Management System is a student file management system. The Student File Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter Username in the file /admin/loginquery.php. An...

Code-Projects Student File Management System SQL注入漏洞

Student File Management System is a student file management system. A SQL injection vulnerability exists in Student File Management System, which originates from the lack of validation of an externally entered SQL statement in the parameter userid in the file /admin/updateuser.php. An attacker ca...

PT-2025-51127

Name of the Vulnerable Software and Affected Versions code-projects Student File Management System version 1.0 Description A flaw exists in the Student File Management System that allows for remote SQL injection. The issue is located in the login query.php file, specifically through manipulation ...

Code-Projects Student File Management System SQL注入漏洞

Student File Management System is a student file management system. The Student File Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter studentid in the file /admin/updatestudent.php. An...

Code-Projects Student File Management System SQL注入漏洞

Student File Management System is a student file management system. Student File Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter studentno in the file loginquery.php. An attacker can...

CVE-2025-14537

A weakness has been identified in code-projects Class and Exam Timetable Management 1.0. Affected by this issue is some unknown functionality of the file /preview7.php. This manipulation of the argument courseyearsection/semester causes sql injection. Remote exploitation of the attack is possible...

CVE-2025-14537

A weakness has been identified in code-projects Class and Exam Timetable Management 1.0. Affected by this issue is some unknown functionality of the file /preview7.php. This manipulation of the argument courseyearsection/semester causes sql injection. Remote exploitation of the attack is possible...

CVE-2025-14537

Concrete details from connected documents show a SQL injection vulnerability in code-projects Class and Exam Timetable Management 1.0, specifically in the /preview7.php file where the parameter course_year_section/semester is not validated. This allows remote exploitation and may enable retrieval...

CVE-2025-14537 code-projects Class and Exam Timetable Management preview7.php sql injection

A weakness has been identified in code-projects Class and Exam Timetable Management 1.0. Affected by this issue is some unknown functionality of the file /preview7.php. This manipulation of the argument courseyearsection/semester causes sql injection. Remote exploitation of the attack is possible...