CVE-2025-13578

A vulnerability has been found in code-projects Library System 1.0. This affects an unknown function of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public...

EUVD-2025-20454

Malicious code in bioql PyPI...

EUVD-2025-20525

Malicious code in bioql PyPI...

CVE-2025-7173

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-student.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclos...

Sql injection

A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file Source/librarian/user/student/lost-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched...

CVE-2024-1830

CVE-2024-1830 affects code-projects Library System 1.0. The vulnerable component is the file Source/librarian/user/student/lost-password.php, where the manipulation of the email parameter leads to an SQL injection. The issue can be exploited remotely and the exploit has been disclosed publicly. R...

CVE-2024-1830 code-projects Library System lost-password.php sql injection

A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file Source/librarian/user/student/lost-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched...

CVE-2024-1829

A vulnerability was found in code-projects Library System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file Source/librarian/user/student/registration.php. The manipulation of the argument email/regno/phone/username leads to sql injectio...

CVE-2024-1827

A vulnerability was found in code-projects Library System 1.0 and classified as critical. This issue affects some unknown processing of the file Source/librarian/user/teacher/login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely...

CVE-2024-1829

A vulnerability was found in code-projects Library System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file Source/librarian/user/student/registration.php. The manipulation of the argument email/regno/phone/username leads to sql injectio...

Sql injection

A vulnerability was found in code-projects Library System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file Source/librarian/user/student/registration.php. The manipulation of the argument email/regno/phone/username leads to sql injectio...

CVE-2024-1828

Code-projects Library System 1.0 is affected by a SQL injection in Source/librarian/user/teacher/registration.php. The vulnerability arises from unsafely handling the arguments email, idno, phone, and username, enabling remote exploitation. Public exploitation information is present, and the entr...

CVE-2024-1827

CVE-2024-1827 affects code-projects Library System 1.0. The vulnerability resides in the login path (Source/librarian/user/teacher/login.php) where manipulating the username and password parameters leads to an SQL injection. The issue is exploitable remotely and, per available sources, the exploi...

Sql injection

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file Source/librarian/user/student/login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated...

Sql injection

The user area for Library System 1.0 is vulnerable to SQL injection where a user can bypass the authentication and login as the admin user...

Library System 1.0 SQL Injection

Exploit Title: Library System 1.0 - 'category' SQL Injection Exploit Author: Aitor Herrero Date: 2021-01-22 Vendor Homepage: https://www.sourcecodester.com/php/12275/library-system-using-php.html Software Link: https://www.sourcecodester.com/php/12275/library-system-using-php.html Version: 1.0...