513 matches found
CVE-2025-6837
A vulnerability classified as critical was found in code-projects Library System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument image leads to unrestricted upload. The attack can be launched remotely. The exploit has been...
CVE-2025-6836
A vulnerability classified as critical has been found in code-projects Library System 1.0. Affected is an unknown function of the file /profile.php. The manipulation of the argument phone leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...
CVE-2025-6837
CVE-2025-6837 affects code-projects Library System 1.0. The vulnerability is in the file /profile.php where the image parameter can be manipulated to achieve unrestricted file upload. The issue arises from lack of validation of uploaded files, enabling remote exploitation. Multiple sources corrob...
CVE-2025-6837 code-projects Library System profile.php unrestricted upload
A vulnerability classified as critical was found in code-projects Library System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument image leads to unrestricted upload. The attack can be launched remotely. The exploit has been...
CVE-2025-6837 code-projects Library System profile.php unrestricted upload
A vulnerability classified as critical was found in code-projects Library System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument image leads to unrestricted upload. The attack can be launched remotely. The exploit has been...
CVE-2025-6836 code-projects Library System profile.php sql injection
A vulnerability classified as critical has been found in code-projects Library System 1.0. Affected is an unknown function of the file /profile.php. The manipulation of the argument phone leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...
CVE-2025-6836 code-projects Library System profile.php sql injection
A vulnerability classified as critical has been found in code-projects Library System 1.0. Affected is an unknown function of the file /profile.php. The manipulation of the argument phone leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...
CVE-2025-6835
A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student-issue-book.php. The manipulation of the argument reg leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-6835
A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student-issue-book.php. The manipulation of the argument reg leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-6835
CVE-2025-6835 affects code-projects Library System 1.0, with a vulnerability in the processing of the file "/student-issue-book.php" where the parameter reg can be manipulated to induce an SQL injection . The issue is exploitable remotely and has been discussed across multiple sources; CVSS vecto...
CVE-2025-6835 code-projects Library System student-issue-book.php sql injection
A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student-issue-book.php. The manipulation of the argument reg leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-6835 code-projects Library System student-issue-book.php sql injection
A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student-issue-book.php. The manipulation of the argument reg leads to sql injection. The attack may be initiated remotely. The exploit has been...
PT-2025-27336 · Unknown · Code-Projects Library System
Name of the Vulnerable Software and Affected Versions: code-projects Library System version 1.0 Description: A critical vulnerability has been found in the code-projects Library System. The issue affects an unknown function of the file /profile.php. The manipulation of the phone argument leads to...
Code-Projects Library System 代码问题漏洞
Library System is a library system. Library System has a code issue vulnerability that stems from the lack of valid validation of uploaded files by the parameter image in the file /profile.php. An attacker can exploit this vulnerability to upload malicious files...
PT-2025-27337 · Unknown · Code-Projects Library System
Name of the Vulnerable Software and Affected Versions: code-projects Library System version 1.0 Description: A critical vulnerability was found in the code-projects Library System, affecting an unknown functionality of the file /profile.php. The manipulation of the image argument leads to...
PT-2025-27335 · Unknown · Code-Projects Library System
Name of the Vulnerable Software and Affected Versions: code-projects Library System version 1.0 Description: A critical issue affects the processing of the file "/student-issue-book.php". The manipulation of the reg argument leads to SQL injection. The attack may be initiated remotely...
CVE-2024-3364
A vulnerability was found in SourceCodester Online Library System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/books/index.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The explo...
CVE-2024-10946
A vulnerability classified as critical has been found in Guangzhou Tuchuang Computer Software Development Interlib Library Cluster Automation Management System up to 2.0.1. This affects an unknown part of the file /interlib/admin/SysLib?cmdACT=inputLIBCODE=batchXSL=editLIBCODE.xsl==. The...
CVE-2024-33294
An issue in Library System using PHP/MySQli with Source Code V1.0 allows a remote attacker to execute arbitrary code via the FAILE variable in the studenteditphoto.php component...
CVE-2024-10947
A vulnerability classified as critical was found in Guangzhou Tuchuang Computer Software Development Interlib Library Cluster Automation Management System up to 2.0.1. This vulnerability affects unknown code of the file /interlib/order/BatchOrder?cmdACT=adminorder=adminOrderOrderList.xsl. The...