Code-Projects Accounting System SQL注入漏洞

Code-Projects Accounting System is an accounting system open sourced by Code-Projects. Version 1.0 of Code-Projects Accounting System has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the parameter cosid in the file/viewincostumer.php of the Component Paramete...

CVE-2026-5035 code-projects Accounting System Parameter view_work.php sql injection

A vulnerability has been found in code-projects Accounting System 1.0. This affects an unknown part of the file /viewwork.php of the component Parameter Handler. Such manipulation of the argument enid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2026-5034

The CVE-2026-5034 issue affects code-projects Accounting System 1.0, specifically the Parameter Handler’s /edit_costumer.php. The cos_id argument manipulation enables SQL injection, with remote exploitation possible and an exploit published. Multiple feeds (NVD, Red Hat, ENISA EUVD, CIRCL, CVE li...

CVE-2026-5033

CVE-2026-5033 affects code-projects Accounting System 1.0, specifically the /view_costumer.php component under Parameter Handler. It allows manipulation of the cos_id argument to trigger SQL injection, with remote access and public exploits reported. Multiple sources (NVD, Red Hat, CIRCL, CVE lis...

Code-Projects Accounting System SQL注入漏洞

Code-Projects Accounting System is an accounting system open sourced by Code-Projects. Version 1.0 of the Code-Projects Accounting System has a SQL injection vulnerability. This vulnerability stems from improper handling of the cosid parameter in the file/editcostumer.php, which may lead to SQL...

CVE-2026-4836

A vulnerability was detected in code-projects Accounting System 1.0. The affected element is an unknown function of the file /myaccount/delete.php. Performing a manipulation of the argument cosid results in sql injection. It is possible to initiate the attack remotely. The exploit is now public a...

CVE-2026-4836 code-projects Accounting System delete.php sql injection

A vulnerability was detected in code-projects Accounting System 1.0. The affected element is an unknown function of the file /myaccount/delete.php. Performing a manipulation of the argument cosid results in sql injection. It is possible to initiate the attack remotely. The exploit is now public a...

CVE-2026-4836 code-projects Accounting System delete.php sql injection

A vulnerability was detected in code-projects Accounting System 1.0. The affected element is an unknown function of the file /myaccount/delete.php. Performing a manipulation of the argument cosid results in sql injection. It is possible to initiate the attack remotely. The exploit is now public a...

CVE-2026-4835 code-projects Accounting System Web Application add_costumer.php cross site scripting

A security vulnerability has been detected in code-projects Accounting System 1.0. Impacted is an unknown function of the file /myaccount/addcostumer.php of the component Web Application Interface. Such manipulation of the argument costumername leads to cross site scripting. The attack may be...

CVE-2026-4835 code-projects Accounting System Web Application add_costumer.php cross site scripting

A security vulnerability has been detected in code-projects Accounting System 1.0. Impacted is an unknown function of the file /myaccount/addcostumer.php of the component Web Application Interface. Such manipulation of the argument costumername leads to cross site scripting. The attack may be...

CVE-2026-4835

The CVE covers code-projects Accounting System 1.0, where the argument costumer_name in /my_account/add_costumer.php can be manipulated to trigger cross-site scripting in the Web Application Interface. The vulnerability is exploitable remotely and the exploit is public. Impact is limited to low i...

Code-Projects Accounting System 代码注入漏洞

Code-Projects Accounting System is an accounting system open sourced by Code-Projects. Version 1.0 of the Code-Projects Accounting System has a code injection vulnerability. This vulnerability stems from incorrect handling of the parameter costumername in the file /myaccount/addcostumer.php, whic...