CVE-2026-37749

CodeAstro Simple Attendance Management System v1.0 is affected by a SQL injection in index.php via the username parameter, enabling remote unauthenticated attackers to bypass login and gain admin access. Root cause: direct interpolation of user input into the SQL query without proper escaping or ...

PT-2026-20465

Name of the Vulnerable Software and Affected Versions CodeAstro Membership Management System version 1.0 Description The application lacks proper authentication and authorization in the print membership card.php file. This allows unauthenticated attackers to access membership card data belonging ...

EUVD-2025-12509

Malicious code in bioql PyPI...

EUVD-2024-51316

Malicious code in bioql PyPI...

EUVD-2024-27041

Malicious code in bioql PyPI...

EUVD-2025-20322

Malicious code in bioql PyPI...

EUVD-2025-11982

Malicious code in bioql PyPI...

CVE-2025-9941

A flaw has been found in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the file /register.php. Executing manipulation of the argument uimage can lead to unrestricted upload. The attack can be launched remotely. The exploit has been published and may be used...

CVE-2025-9939

A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. The impacted element is an unknown function of the file /propertyview.php. Such manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack remotely. The exploit has...

CVE-2025-9939

A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. The impacted element is an unknown function of the file /propertyview.php. Such manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack remotely. The exploit has...

CVE-2025-9941 CodeAstro Real Estate Management System register.php unrestricted upload

A flaw has been found in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the file /register.php. Executing manipulation of the argument uimage can lead to unrestricted upload. The attack can be launched remotely. The exploit has been published and may be used...

CVE-2025-9941 CodeAstro Real Estate Management System register.php unrestricted upload

A flaw has been found in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the file /register.php. Executing manipulation of the argument uimage can lead to unrestricted upload. The attack can be launched remotely. The exploit has been published and may be used...

CVE-2025-7133

A vulnerability classified as problematic has been found in CodeAstro Online Movie Ticket Booking System 1.0. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be...

PT-2025-26881 · Codeastro · Codeastro Patient Record Management System

Name of the Vulnerable Software and Affected Versions: CodeAstro Patient Record Management System version 1.0 Description: A problematic issue was found, leading to cross-site request forgery. The manipulation can be launched remotely. Recommendations: For CodeAstro Patient Record Management Syst...

CVE-2025-5611

A vulnerability, which was classified as critical, was found in CodeAstro Real Estate Management System 1.0. This affects an unknown part of the file /submitpropertyupdate.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit...

CVE-2025-5581

A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument User leads to sql injection. The attack can be initiated remotely. The exploit has bee...

CVE-2024-0423

A vulnerability was found in CodeAstro Online Food Ordering System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file dishes.php. The manipulation of the argument resid leads to cross site scripting. The attack may be launched remotely. The...

CVE-2024-1199

A vulnerability has been found in CodeAstro Employee Task Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file \employee-tasks-php\attendance-info.php. The manipulation of the argument atenid leads to denial of service. The...

CVE-2024-55509

SQL injection vulnerability in CodeAstro Complaint Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via the id parameter of the delete.php component...

CVE-2024-55506

An IDOR vulnerability in CodeAstro's Complaint Management System v1.0 version with 0 updates enables an attacker to execute arbitrary code and obtain sensitive information via the delete.php file and modifying the id parameter...