Code-Projects Question Paper Generator SQL注入漏洞

Code-Projects Question Paper Generator is a Code-Projects open source question paper generation software. Code-Projects Question Paper Generator 1.0 and earlier versions have a SQL injection vulnerability that stems from improper handling of the parameter subid in the file /selectquestionuser.php...

CVE-2025-60736

code-projects Online Medicine Guide 1.0 is vulnerable to SQL Injection in /login.php via the upass parameter...

CVE-2025-60736

code-projects Online Medicine Guide 1.0 is vulnerable to SQL Injection in /login.php via the upass parameter...

CVE-2025-13583

A weakness has been identified in code-projects Question Paper Generator 1.0. This affects an unknown part of the file /signupscript.php of the component POST Parameter Handler. Executing manipulation of the argument Fname can lead to sql injection. The attack can be executed remotely. The exploi...

CVE-2025-13585

A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument code results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...

CVE-2025-13585 itsourcecode COVID Tracking System login.php sql injection

A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument code results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...

CVE-2025-13585

The CVE-2025-13585 affects itsourcecode COVID Tracking System 1.0. A flaw in /login.php allows manipulation of the code argument to trigger SQL injection. The issue is remotely exploitable and exploits are publicly available. Connected sources confirm the vulnerability details and that a fix vers...

CVE-2025-13585 itsourcecode COVID Tracking System login.php sql injection

A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument code results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...

CVE-2025-13583 code-projects Question Paper Generator POST Parameter signupscript.php sql injection

A weakness has been identified in code-projects Question Paper Generator 1.0. This affects an unknown part of the file /signupscript.php of the component POST Parameter Handler. Executing manipulation of the argument Fname can lead to sql injection. The attack can be executed remotely. The exploi...

EUVD-2025-198610

A weakness has been identified in code-projects Question Paper Generator 1.0. This affects an unknown part of the file /signupscript.php of the component POST Parameter Handler. Executing manipulation of the argument Fname can lead to sql injection. The attack can be executed remotely. The exploi...

CVE-2025-13583 code-projects Question Paper Generator POST Parameter signupscript.php sql injection

A weakness has been identified in code-projects Question Paper Generator 1.0. This affects an unknown part of the file /signupscript.php of the component POST Parameter Handler. Executing manipulation of the argument Fname can lead to sql injection. The attack can be executed remotely. The exploi...

CVE-2025-13582

The CVE affects Code-Projects Jonnys Liquor 1.0 where the GET Parameter Handler in /detail.php is vulnerable. Manipulating the Product argument enables SQL injection, enabling remote exploitation. The public exploit is reportedly available. No vendor/patch/version details are provided in the supp...

CVE-2025-13582 code-projects Jonnys Liquor GET Parameter detail.php sql injection

A security flaw has been discovered in code-projects Jonnys Liquor 1.0. Affected by this issue is some unknown functionality of the file /detail.php of the component GET Parameter Handler. Performing manipulation of the argument Product results in sql injection. Remote exploitation of the attack ...

CVE-2025-13580 code-projects Library System mail.php sql injection

A vulnerability was determined in code-projects Library System 1.0. Affected is an unknown function of the file /mail.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2025-13580

The CVE-2025-13580 entry relates to Library System 1.0 (code-projects). Multiple connected sources confirm SQL injection in the /mail.php file caused by unsafely handling the ID parameter, enabling remote exploitation. Descriptions consistently attribute the vulnerability to lack of input validat...

CVE-2025-13579 code-projects Library System return.php sql injection

A vulnerability was found in code-projects Library System 1.0. This impacts an unknown function of the file /return.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2025-13579

CVE-2025-13579 affects code-projects Library System 1.0, specifically the file /return.php. Multiple connected records confirm a SQL Injection vulnerability originating from the ID parameter, enabling remote exploitation. The vulnerability is widely documented across CVE feeds (NVD/NVD mirror, RH...

EUVD-2025-198599

A vulnerability was found in code-projects Library System 1.0. This impacts an unknown function of the file /return.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2025-13579 code-projects Library System return.php sql injection

A vulnerability was found in code-projects Library System 1.0. This impacts an unknown function of the file /return.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2025-13578

The connected CNVD/NVD entries confirm a real vulnerability in code-projects’ Library System 1.0, specifically in the Login component’s index.php. The flaw arises from unsafely handling the Username parameter, enabling remote SQL injection. The affected file is /index.php (Login), and exploitatio...