CVE-2026-7238 code-projects Online Music Site AdminUpdateAlbum.php unrestricted upload

A flaw has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. This manipulation of the argument txtimage causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and...

CVE-2026-4970

A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file deletephotos.php of the component Endpoint. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been release...

CVE-2026-4970 code-projects Social Networking Site Endpoint delete_photos.php sql injection

A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file deletephotos.php of the component Endpoint. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been release...

CVE-2026-2213

The CVE-2026-2213 entry concerns code-projects Online Music Site 1.0 with an unrestricted upload vulnerability in /Administrator/PHP/AdminAddAlbum.php. The issue stems from manipulating the txtimage argument, enabling remote attackers to upload files without restriction. Multiple connected source...

CVE-2026-2211

CVE-2026-2211 (code-projects Online Music Site 1.0) : The vulnerability is in the unknown function of the file /Administrator/PHP/AdminDeleteCategory.php. A manipulation of the argument ID can trigger a SQL injection , with the attack executable remotely. Public disclosure of the exploit is noted...

CVE-2026-2083 code-projects Social Networking Site delete_post.php sql injection

A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file /deletepost.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to th...

CVE-2026-2083 code-projects Social Networking Site delete_post.php sql injection

A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file /deletepost.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to th...

PT-2026-2042

Name of the Vulnerable Software and Affected Versions code-projects Online Music Site version 1.0 Description A security flaw exists in code-projects Online Music Site 1.0. The issue involves a SQL injection impacting an unknown function within the file /Administrator/PHP/AdminUpdateUser.php...

Code-Projects Online Music Site SQL注入漏洞

Code-Projects Online Music Site is a Code-Projects open source online music site. Code-Projects Online Music Site version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter txtusername in the file /Administrator/PHP/AdminAddUser.php, which could...

CVE-2026-0569 code-projects Online Music Site AlbumByCategory.php sql injection

A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown function of the file /Frontend/AlbumByCategory.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the publi...

cve

Here are some vulnerabilities related to variou...

PT-2025-44307

Name of the Vulnerable Software and Affected Versions code-projects Online Complaint Site version 1.0 Description A flaw exists in the processing of the file '/cms/admin/subcategory.php' within the software. The issue involves a SQL injection that occurs due to manipulation of the category...

CVE-2025-11530 code-projects Online Complaint Site state.php sql injection

A weakness has been identified in code-projects Online Complaint Site 1.0. Affected is an unknown function of the file /cms/admin/state.php. This manipulation of the argument state causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the...

CVE-2025-11514 code-projects Online Complaint Site index.php sql injection

A vulnerability was identified in code-projects Online Complaint Site 1.0. This vulnerability affects unknown code of the file /cms/users/index.php. Such manipulation of the argument Username leads to sql injection. The attack may be performed from remote. The exploit is publicly available and...

PT-2025-39676

Name of the Vulnerable Software and Affected Versions code-projects E-Commerce Website version 1.0 Description A flaw exists in code-projects E-Commerce Website 1.0 that allows for SQL injection. The issue is located in the file /pages/admin account update.php and involves manipulation of the use...

Code-Projects E-Commerce Site 代码问题漏洞

E-Commerce Site is an e-commerce site. E-Commerce Site suffers from an arbitrary file upload vulnerability that stems from improper manipulation of the parameter photo in the file /admin/usersphoto.php, no details of the vulnerability are available at this time...