CVE-2026-7117

A weakness has been identified in code-projects Employee Management System 1.0. Impacted is an unknown function of the file 370project/approve.php. Executing a manipulation of the argument id/token can lead to sql injection. The attack can be executed remotely. The exploit has been made available...

CVE-2026-7117 code-projects Employee Management System approve.php sql injection

A weakness has been identified in code-projects Employee Management System 1.0. Impacted is an unknown function of the file 370project/approve.php. Executing a manipulation of the argument id/token can lead to sql injection. The attack can be executed remotely. The exploit has been made available...

Code-Projects Employee Management System 注入漏洞

Code-Projects Employee Management System is an open-source employee management system developed by Code-Projects. Version 1.0 of the Code-Projects Employee Management System has a SQL injection vulnerability. This vulnerability arises from the operation of an unknown function in the...

EUVD-2025-20525

Malicious code in bioql PyPI...

CVE-2025-7476

A vulnerability classified as critical was found in code-projects Simple Car Rental System 1.0. This vulnerability affects unknown code of the file /admin/approve.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed ...

CVE-2025-7476 code-projects Simple Car Rental System approve.php sql injection

A vulnerability classified as critical was found in code-projects Simple Car Rental System 1.0. This vulnerability affects unknown code of the file /admin/approve.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed ...

Code-Projects Simple Car Rental System 注入漏洞

Code-Projects Simple Car Rental System is an open source car rental software from Code-Projects. An injection vulnerability exists in Code-Projects Simple Car Rental System version 1.0, which originates from SQL injection due to incorrect manipulation of the parameter ID in the file...

CVE-2025-7185

A vulnerability was found in code-projects Library System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /approve.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to th...

CVE-2025-7185 code-projects Library System approve.php sql injection

A vulnerability was found in code-projects Library System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /approve.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to th...

Code-Projects Library System 注入漏洞

Library System is a library system. Library System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter ID of the file /approve.php. An attacker can exploit this vulnerability to execute illegal SQL commands to ste...

CVE-2025-6903

CVE-2025-6903 affects code-projects Car Rental System 1.0. The vulnerability is an SQL injection in the /admin/approve.php file, triggered by manipulating the ID parameter. It is exploitable remotely and the exploit has been disclosed publicly. Multiple connected sources corroborate the issue and...

CVE-2025-6903 code-projects Car Rental System approve.php sql injection

A vulnerability was found in code-projects Car Rental System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/approve.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The explo...

PT-2025-27435 · Unknown · Code-Projects Car Rental System

Name of the Vulnerable Software and Affected Versions: code-projects Car Rental System version 1.0 Description: A critical vulnerability was found in the code-projects Car Rental System, affecting an unknown functionality of the file /admin/approve.php. The manipulation of the ID argument leads t...

CVE-2025-4457 Project Worlds Car Rental Project approve.php sql injection

A vulnerability classified as critical was found in Project Worlds Car Rental Project 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/approve.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has be...

Sql injection

Multiple SQL injection vulnerabilities in approve.php in Img Pals Photo Host 1.0 allow remote attackers to execute arbitrary SQL commands via the u parameter in a 1 app0 or 2 app1 action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

CVE-2012-4925

CVE-2012-4925 describes multiple SQL injection vulnerabilities in Img Pals Photo Host 1.0, triggered via the u parameter in approve.php when performing app0 or app1 actions. The issue allows remote attackers to execute arbitrary SQL commands. The CVSSv2 score is 7.5 (HIGH) with network attack vec...

CVE-2012-4926

approve.php in Img Pals Photo Host 1.0 does not authenticate requests, which allows remote attackers to change the activation of administrators via the u parameter in an 1 app0 disable or 2 app1 enable action...