EUVD-2026-16805

A security vulnerability has been detected in code-projects Online Reviewer System up to 1.0. Affected is an unknown function of the file /system/system/students/assessments/databank/btnfunctions.php. Such manipulation of the argument Description leads to cross site scripting. The attack may be...

Code-Projects Online Reviewer System 安全漏洞

The Code-Projects Online Reviewer System is an online review system developed by Code-Projects as open source. Versions of the Code-Projects Online Reviewer System prior to version 1.0 contained security vulnerabilities. These vulnerabilities were caused by incorrect handling of parameters in the...

CVE-2026-2224 code-projects Online Reviewer System btn_functions.php cross site scripting

A vulnerability was detected in code-projects Online Reviewer System 1.0. This affects an unknown part of the file /system/system/admins/manage/users/btnfunctions.php. The manipulation of the argument firstname results in cross site scripting. It is possible to launch the attack remotely. The...

CVE-2026-2222

The CVE-2026-2222 entry concerns code-projects Online Reviewer System 1.0. Affected: the file /system/system/admins/manage/users/btn_functions.php. Issue: manipulation of the firstname argument enables cross-site scripting (XSS). The attack can be performed remotely and the exploit is publicly av...

CVE-2026-2220

CVE-2026-2220 affects code-projects Online Reviewer System 1.0. The issue is an SQL injection in the file /system/system/admins/assessments/pretest/btn_functions.php caused by manipulating the difficulty_id argument. It can be exploited remotely and a public PoC exists. Impact is described as HIG...

Design/Logic Flaw

A vulnerability, which was classified as critical, was found in SourceCodester House Rental and Property Listing System 1.0. Affected is an unknown function of the file btnfunctions.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has...

CVE-2023-3806 SourceCodester House Rental and Property Listing System btn_functions.php unrestricted upload

A vulnerability, which was classified as critical, was found in SourceCodester House Rental and Property Listing System 1.0. Affected is an unknown function of the file btnfunctions.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has...

House Rental and Property Listing 代码问题漏洞

House Rental and Property Listing is a system developed in PHP, JavaScript, Bootstrap, CSS and MySQL database. It makes it easy for users to find the right house or property for rent. A code issue exists in SourceCodester House Rental and Property Listing System version 1.0 where a vulnerability...

CVE-2023-3094

A vulnerability classified as critical has been found in code-projects Agro-School Management System 1.0. Affected is the function doUpdateQuestion of the file btnfunctions.php. The manipulation of the argument questionid leads to sql injection. It is possible to launch the attack remotely. The...

CVE-2023-3094

A vulnerability classified as critical has been found in code-projects Agro-School Management System 1.0. Affected is the function doUpdateQuestion of the file btnfunctions.php. The manipulation of the argument questionid leads to sql injection. It is possible to launch the attack remotely. The...

Cross site scripting

A vulnerability has been found in code-projects Agro-School Management System 1.0 and classified as problematic. This vulnerability affects the function doAddQuestion of the file btnfunctions.php. The manipulation of the argument Question leads to cross site scripting. The attack can be initiated...

Design/Logic Flaw

A vulnerability was found in code-projects Agro-School Management System 1.0 and classified as critical. This issue affects some unknown processing of the file btnfunctions.php of the component Attachment Image Handler. The manipulation leads to unrestricted upload. The attack may be initiated...

CVE-2023-3060 code-projects Agro-School Management System btn_functions.php doAddQuestion cross site scripting

A vulnerability has been found in code-projects Agro-School Management System 1.0 and classified as problematic. This vulnerability affects the function doAddQuestion of the file btnfunctions.php. The manipulation of the argument Question leads to cross site scripting. The attack can be initiated...