CVE-2025-14250 code-projects Online Ordering System user_contact.php sql injection

A weakness has been identified in code-projects Online Ordering System 1.0. The impacted element is an unknown function of the file /usercontact.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to...

CVE-2025-14250 code-projects Online Ordering System user_contact.php sql injection

A weakness has been identified in code-projects Online Ordering System 1.0. The impacted element is an unknown function of the file /usercontact.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to...

CVE-2025-14249

A security flaw has been discovered in code-projects Online Ordering System 1.0. The affected element is an unknown function of the file /userschool.php. The manipulation of the argument productid results in sql injection. The attack may be performed from remote. The exploit has been released to...

CVE-2025-14249 code-projects Online Ordering System user_school.php sql injection

A security flaw has been discovered in code-projects Online Ordering System 1.0. The affected element is an unknown function of the file /userschool.php. The manipulation of the argument productid results in sql injection. The attack may be performed from remote. The exploit has been released to...

CVE-2025-14249

CVE-2025-14249 corresponds to code-projects Online Ordering System 1.0 and is tied to a SQL injection in the parameter product_id in /user_school.php. The vulnerability arises from lack of input validation, enabling remote exploitation that may disclose or alter database data. Multiple connected ...

CVE-2025-14249 code-projects Online Ordering System user_school.php sql injection

A security flaw has been discovered in code-projects Online Ordering System 1.0. The affected element is an unknown function of the file /userschool.php. The manipulation of the argument productid results in sql injection. The attack may be performed from remote. The exploit has been released to...

CVE-2025-14248

CVE-2025-14248 affects code-projects Simple Shopping Cart 1.0. The vulnerability is a SQL injection in adminlogin.php triggered by manipulating the admin_username parameter. The risk is remote and the exploit is publicly available. Multiple sources corroborate the issue and describe it as origina...

CVE-2025-14248 code-projects Simple Shopping Cart adminlogin.php sql injection

A vulnerability was identified in code-projects Simple Shopping Cart 1.0. Impacted is an unknown function of the file /adminlogin.php. The manipulation of the argument adminusername leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and...

CVE-2025-14248 code-projects Simple Shopping Cart adminlogin.php sql injection

A vulnerability was identified in code-projects Simple Shopping Cart 1.0. Impacted is an unknown function of the file /adminlogin.php. The manipulation of the argument adminusername leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and...

CVE-2025-14247

Product/Component : Simple Shopping Cart 1.0 (code-projects). Vulnerability : SQL injection in /Admin/additems.php caused by unvalidated manipulation of the item_name parameter. This issue enables remote execution of SQL statements and can lead to data leakage or modification as described across ...

CVE-2025-14247 code-projects Simple Shopping Cart additems.php sql injection

A vulnerability was determined in code-projects Simple Shopping Cart 1.0. This issue affects some unknown processing of the file /Admin/additems.php. Executing manipulation of the argument itemname can lead to sql injection. The attack can be executed remotely. The exploit has been publicly...

CVE-2025-14246 code-projects Simple Shopping Cart settings.php sql injection

A vulnerability was found in code-projects Simple Shopping Cart 1.0. This vulnerability affects unknown code of the file /Customers/settings.php. Performing manipulation of the argument userid results in sql injection. Remote exploitation of the attack is possible. The exploit has been made publi...

CVE-2025-14246

CVE-2025-14246 affects code-projects Simple Shopping Cart 1.0. The vulnerability is a SQL injection in /Customers/settings.php triggered by manipulating the user_id parameter. Remote exploitation is possible and the exploit has been publicly disclosed. Advisories (CNVD/CNNVD/Red Hat) confirm the ...

CVE-2025-14246 code-projects Simple Shopping Cart settings.php sql injection

A vulnerability was found in code-projects Simple Shopping Cart 1.0. This vulnerability affects unknown code of the file /Customers/settings.php. Performing manipulation of the argument userid results in sql injection. Remote exploitation of the attack is possible. The exploit has been made publi...

CVE-2025-14230 code-projects Daily Time Recording System add_payroll.php sql injection

A vulnerability was detected in code-projects Daily Time Recording System 4.5.0. The impacted element is an unknown function of the file /admin/addpayroll.php. Performing manipulation of the argument detailId results in sql injection. The attack can be initiated remotely. The exploit is now publi...

CVE-2025-14223 code-projects Simple Leave Manager request.php sql injection

A vulnerability has been found in code-projects Simple Leave Manager 1.0. Affected by this vulnerability is an unknown functionality of the file /request.php. Such manipulation of the argument staffid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to t...

CVE-2025-14223 code-projects Simple Leave Manager request.php sql injection

A vulnerability has been found in code-projects Simple Leave Manager 1.0. Affected by this vulnerability is an unknown functionality of the file /request.php. Such manipulation of the argument staffid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to t...

CVE-2025-14222

CVE-2025-14222 affects code-projects’ Employee Profile Management System 1.0. The vulnerability is an SQL injection in the file /print_personnel_report.php, triggered by manipulation of the per_id parameter due to lack of input validation. Public exploitation is indicated, with remote access poss...

CVE-2025-14222 code-projects Employee Profile Management System print_personnel_report.php sql injection

A flaw has been found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file /printpersonnelreport.php. This manipulation of the argument perid causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...

CVE-2025-14218 code-projects Currency Exchange System editotheraccount.php sql injection

A security flaw has been discovered in code-projects Currency Exchange System 1.0. The affected element is an unknown function of the file /editotheraccount.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has be...