CVE-2025-14194 code-projects Employee Profile Management System view_personnel.php cross site scripting

A vulnerability was identified in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file /viewpersonnel.php. The manipulation of the argument peraddress/drschool/otherschool leads to cross site scripting. The attack may be initiated remotely...

CVE-2025-13244

The CVE-2025-13244 entry concerns code-projects Student Information System 2.0. The vulnerability is a cross-site scripting flaw in the /register.php file, affecting an unspecified function; the issue enables remote exploitation and has publicly disclosed exploit information. Multiple connected s...

CVE-2025-12314

CVE-2025-12314 affects code-projects Food Ordering System 1.0. The vulnerability is triggered by manipulating the itemID argument in the unknown function of /admin/deleteitem.php, enabling SQL injection. This allows remote exploitation, and the public exploit has been released, indicating real-wo...

CVE-2025-12281 code-projects Client Details System clientview.php cross site scripting

A vulnerability was determined in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/clientview.php. Executing manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be...

CVE-2025-12279 code-projects Client Details System welcome.php cross site scripting

A vulnerability has been found in code-projects Client Details System 1.0. This vulnerability affects unknown code of the file /welcome.php. Such manipulation leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed to the public and may be used...

CVE-2025-12262 code-projects Online Event Judging System edit_criteria.php sql injection

A vulnerability was determined in code-projects Online Event Judging System 1.0. This impacts an unknown function of the file /editcriteria.php. Executing manipulation of the argument critid can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed an...

CVE-2025-12255

CVE-2025-12255 affects code-projects Online Event Judging System 1.0. A SQL injection flaw originates from the lack of validation of the fullname parameter in /add_contestant.php. The vulnerability allows remote execution of arbitrary SQL commands and may lead to data theft or modification; an ex...

PT-2025-43930

Name of the Vulnerable Software and Affected Versions code-projects Online Event Judging System version 1.0 Description A flaw exists in code-projects Online Event Judging System 1.0 that allows for remote SQL injection. The issue is located in the file /edit judge.php within an unknown function...

CVE-2025-11424

CVE-2025-11424 affects code-projects Web-Based Inventory and POS System 1.0. The vulnerability lies in the login.php module, where manipulating the emailid parameter enables SQL injection. Exploitation can be performed remotely, and public disclosures exist. Affected component: login.php in Web-B...

CVE-2025-11353 code-projects Online Hotel Reservation System addgalleryexec.php unrestricted upload

A vulnerability was detected in code-projects Online Hotel Reservation System 1.0. This impacts an unknown function of the file /admin/addgalleryexec.php. Performing manipulation of the argument image results in unrestricted upload. The attack is possible to be carried out remotely. The exploit i...

CVE-2025-11107

The CVE-2025-11107 vulnerability affects code-projects Simple Scheduling System 1.0. An SQL injection exists in the addcourse.php handling of the corcode parameter, allowing remote exploitation. The exploit is public and could be used against exposed instances. Documents describe this as a remote...

CVE-2025-10795 code-projects Online Bidding System bidupdate.php sql injection

A vulnerability has been found in code-projects Online Bidding System 1.0. This affects an unknown part of the file /administrator/bidupdate.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may ...

CVE-2025-10104

A security vulnerability has been detected in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /reviewsearch.php. The manipulation of the argument txtsearch leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-10102 code-projects Online Event Judging System index.php sql injection

A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown function of the file /index.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has been release...

PT-2025-35424

Name of the Vulnerable Software and Affected Versions: code-projects Human Resource Integrated System version 1.0 Description: A security flaw exists in code-projects Human Resource Integrated System version 1.0. The issue involves a SQL injection affecting an unknown function within the login...

CVE-2025-9595

The CVE-2025-9595 entry concerns code-projects Student Information Management System v1.0. The vulnerability is a cross-site scripting flaw in an unknown function of /login.php triggered by manipulation of the uname argument. It is exploitable remotely and an exploit has been publicly released. T...

CVE-2025-8494

CVE-2025-8494 concerns code-projects Intern Membership Management System 1.0. The vulnerability is in the processing of the parameter ID in the file /admin/delete_student.php, where manipulation of ID leads to SQL injection. The issue is exploitable remotely and has been disclosed publicly. Conne...

CVE-2025-7517

CVE-2025-7517 affects code-projects Online Appointment Booking System 1.0. The vulnerability is a SQL injection in the file /getDay.php triggered by manipulating the cidval parameter. The issue is exploitable remotely and exploits have been publicly disclosed. Multiple connected sources confirm t...

PT-2025-27341 · Code Projects · Code-Projects Product Inventory System

Name of the Vulnerable Software and Affected Versions: code-projects Product Inventory System version 1.0 Description: A critical vulnerability was found in the code-projects Product Inventory System. This issue affects the Login component, specifically the file /index.php. The manipulation of th...

PT-2025-27332 · Code Projects · Code-Projects Inventory Management System

Name of the Vulnerable Software and Affected Versions: code-projects Inventory Management System version 1.0 Description: A critical vulnerability has been found in the code-projects Inventory Management System, affecting unknown code of the file /orders.php. The manipulation of the argument i...