509 matches found
CVE-2025-6837 code-projects Library System profile.php unrestricted upload
A vulnerability classified as critical was found in code-projects Library System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument image leads to unrestricted upload. The attack can be launched remotely. The exploit has been...
CVE-2025-6836 code-projects Library System profile.php sql injection
A vulnerability classified as critical has been found in code-projects Library System 1.0. Affected is an unknown function of the file /profile.php. The manipulation of the argument phone leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...
CVE-2025-6836 code-projects Library System profile.php sql injection
A vulnerability classified as critical has been found in code-projects Library System 1.0. Affected is an unknown function of the file /profile.php. The manipulation of the argument phone leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...
CVE-2025-6835
A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student-issue-book.php. The manipulation of the argument reg leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-6835
A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student-issue-book.php. The manipulation of the argument reg leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-6835
CVE-2025-6835 affects code-projects Library System 1.0, with a vulnerability in the processing of the file "/student-issue-book.php" where the parameter reg can be manipulated to induce an SQL injection . The issue is exploitable remotely and has been discussed across multiple sources; CVSS vecto...
CVE-2025-6835 code-projects Library System student-issue-book.php sql injection
A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student-issue-book.php. The manipulation of the argument reg leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-6835 code-projects Library System student-issue-book.php sql injection
A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student-issue-book.php. The manipulation of the argument reg leads to sql injection. The attack may be initiated remotely. The exploit has been...
PT-2025-27336 · Unknown · Code-Projects Library System
Name of the Vulnerable Software and Affected Versions: code-projects Library System version 1.0 Description: A critical vulnerability has been found in the code-projects Library System. The issue affects an unknown function of the file /profile.php. The manipulation of the phone argument leads to...
Code-Projects Library System 代码问题漏洞
Library System is a library system. Library System has a code issue vulnerability that stems from the lack of valid validation of uploaded files by the parameter image in the file /profile.php. An attacker can exploit this vulnerability to upload malicious files...
PT-2025-27337 · Unknown · Code-Projects Library System
Name of the Vulnerable Software and Affected Versions: code-projects Library System version 1.0 Description: A critical vulnerability was found in the code-projects Library System, affecting an unknown functionality of the file /profile.php. The manipulation of the image argument leads to...
PT-2025-27335 · Unknown · Code-Projects Library System
Name of the Vulnerable Software and Affected Versions: code-projects Library System version 1.0 Description: A critical issue affects the processing of the file "/student-issue-book.php". The manipulation of the reg argument leads to SQL injection. The attack may be initiated remotely...
CVE-2024-3364
A vulnerability was found in SourceCodester Online Library System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/books/index.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The explo...
CVE-2024-10946
A vulnerability classified as critical has been found in Guangzhou Tuchuang Computer Software Development Interlib Library Cluster Automation Management System up to 2.0.1. This affects an unknown part of the file /interlib/admin/SysLib?cmdACT=inputLIBCODE=batchXSL=editLIBCODE.xsl==. The...
CVE-2024-33294
An issue in Library System using PHP/MySQli with Source Code V1.0 allows a remote attacker to execute arbitrary code via the FAILE variable in the studenteditphoto.php component...
CVE-2024-10947
A vulnerability classified as critical was found in Guangzhou Tuchuang Computer Software Development Interlib Library Cluster Automation Management System up to 2.0.1. This vulnerability affects unknown code of the file /interlib/order/BatchOrder?cmdACT=adminorder=adminOrderOrderList.xsl. The...
CVE-2023-7179
A vulnerability, which was classified as critical, was found in Campcodes Online College Library System 1.0. Affected is an unknown function of the file /admin/categoryrow.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is possible to...
CVE-2023-7176
A vulnerability classified as critical has been found in Campcodes Online College Library System 1.0. This affects an unknown part of the file /admin/returnadd.php of the component HTTP POST Request Handler. The manipulation of the argument student leads to sql injection. It is possible to initia...
CVE-2023-5580
A vulnerability classified as critical has been found in SourceCodester Library System 1.0. This affects an unknown part of the file index.php. The manipulation of the argument category leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
CVE-2021-26200
The user area for Library System 1.0 is vulnerable to SQL injection where a user can bypass the authentication and login as the admin user...