PT-2025-44065

Name of the Vulnerable Software and Affected Versions code-projects E-Commerce Website version 1.0 Description A cross site scripting issue exists in code-projects E-Commerce Website version 1.0. The issue is related to the manipulation of the supp name/supp address argument within the file...

CVE-2025-11668 code-projects Automated Voting System update_user.php sql injection

A vulnerability was determined in code-projects Automated Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/updateuser.php. This manipulation of the argument Password causes sql injection. The attack is possible to be carried out remotely. The exploit has...

CVE-2025-11668 code-projects Automated Voting System update_user.php sql injection

A vulnerability was determined in code-projects Automated Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/updateuser.php. This manipulation of the argument Password causes sql injection. The attack is possible to be carried out remotely. The exploit has...

CVE-2025-11667

The CVE-2025-11667 entry concerns code-projects Automated Voting System 1.0. Affected component: the server-side code in /admin/add_candidate_modal.php. The vulnerability is SQL injection triggered by manipulating the firstname parameter, allowing remote exploitation. Multiple connected sources c...

CVE-2025-11667 code-projects Automated Voting System add_candidate_modal.php. sql injection

A vulnerability was found in code-projects Automated Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/addcandidatemodal.php.. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has...

CVE-2025-11605

A vulnerability was identified in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/update-profile.php. Such manipulation of the argument uid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...

CVE-2025-11613 code-projects Simple Food Ordering System addcategory.php sql injection

A vulnerability was found in code-projects Simple Food Ordering System 1.0. Affected is an unknown function of the file /addcategory.php. The manipulation of the argument cname results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2025-11613

The CVE-2025-11613 issue affects the Simple Food Ordering System (version 1.0), specifically the /addcategory.php file. Reports consistently identify a SQL injection vulnerability arising from unsafely handling the cname parameter, enabling remote exploitation. Public exploit details are noted in...

CVE-2025-11612

CVE-2025-11612 affects the Simple Food Ordering System 1.0, specifically the /addproduct.php script. The root cause is a lack of validation of the Category parameter, allowing an SQL injection that can be exploited remotely. Public exploit details exist. Several connected sources corroborate the ...

CVE-2025-11612 code-projects Simple Food Ordering System addproduct.php sql injection

A vulnerability has been found in code-projects Simple Food Ordering System 1.0. This impacts an unknown function of the file /addproduct.php. The manipulation of the argument Category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and m...

CVE-2025-11608 code-projects E-Banking System POST Parameter register.php sql injection

A security vulnerability has been detected in code-projects E-Banking System 1.0. This affects an unknown function of the file /register.php of the component POST Parameter Handler. The manipulation of the argument username/password leads to sql injection. It is possible to initiate the attack...

CVE-2025-11608 code-projects E-Banking System POST Parameter register.php sql injection

A security vulnerability has been detected in code-projects E-Banking System 1.0. This affects an unknown function of the file /register.php of the component POST Parameter Handler. The manipulation of the argument username/password leads to sql injection. It is possible to initiate the attack...

CVE-2025-11605

A vulnerability was identified in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/update-profile.php. Such manipulation of the argument uid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...

CVE-2025-11605

The CVE-2025-11605 entry concerns code-projects Client Details System 1.0. The vulnerability is in the file /admin/update-profile.php, where manipulation of the uid parameter leads to an SQL injection. It is exploitable remotely, and the exploit is publicly available. Affected component: /admin/u...

CVE-2025-11605 code-projects Client Details System update-profile.php sql injection

A vulnerability was identified in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/update-profile.php. Such manipulation of the argument uid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...

CVE-2025-11605 code-projects Client Details System update-profile.php sql injection

A vulnerability was identified in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/update-profile.php. Such manipulation of the argument uid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...

CVE-2025-11600 code-projects Simple Food Ordering System editcategory.php sql injection

A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Affected is an unknown function of the file editcategory.php. Such manipulation of the argument cname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

CVE-2025-11600 code-projects Simple Food Ordering System editcategory.php sql injection

A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Affected is an unknown function of the file editcategory.php. Such manipulation of the argument cname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

CVE-2025-11600

The CVE-2025-11600 entry corresponds to a SQL injection in code-projects Simple Food Ordering System 1.0, specifically in the editcategory.php file where the cname parameter is not validated. This vulnerability enables remote attackers to manipulate SQL statements via the cname argument, potentia...

CVE-2025-11597

A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/productaddqty.php. The manipulation of the argument prodid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly...