7 matches found
CVE-2026-4970
A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file deletephotos.php of the component Endpoint. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been release...
CVE-2026-4970
CVE-2026-4970 affects code-projects Social Networking Site 1.0. The vulnerability is SQL injection in the file delete_photos.php (Endpoint component) triggered by manipulating the ID argument. It can be exploited remotely and the exploit is publicly available. The connected CVE records do not pro...
CVE-2026-4970 code-projects Social Networking Site Endpoint delete_photos.php sql injection
A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file deletephotos.php of the component Endpoint. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been release...
CVE-2026-4970 code-projects Social Networking Site Endpoint delete_photos.php sql injection
A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file deletephotos.php of the component Endpoint. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been release...
CVE-2026-4970
A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file deletephotos.php of the component Endpoint. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been release...
CVE-2025-11078
A vulnerability was identified in itsourcecode Open Source Job Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/user/controller.php?action=photos. The manipulation of the argument photo leads to unrestricted upload. The attack is possible to be carried out...
School Event Management System Arbitrary File Upload Vulnerability
School Event Management System is a school event management system. An arbitrary file upload vulnerability exists in School Event Management System version 1.0, which can be exploited to upload arbitrary files with the help of event/controller.php?action=photos URL...