CVE-2025-11424 code-projects Web-Based Inventory and POS System login.php sql injection

A vulnerability was determined in code-projects Web-Based Inventory and POS System 1.0. This impacts an unknown function of the file /login.php. Executing manipulation of the argument emailid can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclos...

CVE-2025-11424

CVE-2025-11424 affects code-projects Web-Based Inventory and POS System 1.0. The vulnerability lies in the login.php module, where manipulating the emailid parameter enables SQL injection. Exploitation can be performed remotely, and public disclosures exist. Affected component: login.php in Web-B...

CVE-2025-11421 code-projects Voting System candidates_edit.php cross site scripting

A flaw has been found in code-projects Voting System 1.0. The affected element is an unknown function of the file /admin/candidatesedit.php. This manipulation of the argument Firstname/Lastname/Platform causes cross site scripting. Remote exploitation of the attack is possible. The exploit has be...

CVE-2025-11421

CVE-2025-11421 applies to code-projects Voting System 1.0. The flaw is a cross-site scripting vulnerability in the unknown function of the file /admin/candidates_edit.php , caused by manipulating the arguments Firstname/Lastname/Platform . Remote exploitation is possible, and an exploit has been ...

CVE-2025-11420 code-projects E-Commerce Website edit_order_details.php sql injection

A vulnerability was detected in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/editorderdetails.php. The manipulation of the argument orderid results in sql injection. The attack may be launched remotely. The exploit is now public and may be used...

CVE-2025-11420 code-projects E-Commerce Website edit_order_details.php sql injection

A vulnerability was detected in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/editorderdetails.php. The manipulation of the argument orderid results in sql injection. The attack may be launched remotely. The exploit is now public and may be used...

CVE-2025-11420

CVE-2025-11420 affects code-projects E-Commerce Website 1.0. The vulnerability is a SQL injection in the /pages/edit_order_details.php handler, triggered by manipulating the order_id parameter. The issue originates from lack of input validation for an externally supplied SQL statement, allowing a...

Code-Projects Web-Based Inventory and POS System 安全漏洞

Code-Projects Web-Based Inventory and POS System is a web-based inventory and POS system from Code-Projects open source. A security vulnerability exists in version 1.0 of the code-projects Web-Based Inventory and POS System, which stems from an incorrect manipulation of the parameter shopid in th...

PT-2025-41214

Name of the Vulnerable Software and Affected Versions code-projects Web-Based Inventory and POS System version 1.0 Description A flaw exists in code-projects Web-Based Inventory and POS System 1.0. The issue is related to the manipulation of the emailid argument in the /login.php file, which can...

PT-2025-41317

Name of the Vulnerable Software and Affected Versions code-projects E-Commerce Website version 1.0 Description A flaw exists in code-projects E-Commerce Website 1.0. Manipulation of the prod name argument in the file '/pages/product add.php' can lead to SQL injection. This issue may be exploited...

CVE-2025-11343

A security vulnerability has been detected in code-projects Student Crud Operation 3.3. Affected is an unknown function of the file delete.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly an...

CVE-2025-11396 code-projects Simple Food Ordering System product.php sql injection

A vulnerability was identified in code-projects Simple Food Ordering System 1.0. Impacted is an unknown function of the file /product.php. Such manipulation of the argument Category leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used...

CVE-2025-11359

CVE-2025-11359 affects code-projects Simple Banking System 1.0, specifically the /transfermoney.php file. The vulnerability is a SQL injection caused by unsafely handling the ID parameter, exposing an attacker to execute SQL commands remotely. Public exploit indication is present in the sources. ...

CVE-2025-11359 code-projects Simple Banking System transfermoney.php sql injection

A security vulnerability has been detected in code-projects Simple Banking System 1.0. The affected element is an unknown function of the file /transfermoney.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been...

CVE-2025-11359 code-projects Simple Banking System transfermoney.php sql injection

A security vulnerability has been detected in code-projects Simple Banking System 1.0. The affected element is an unknown function of the file /transfermoney.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been...

CVE-2025-11358 code-projects Simple Banking System removeuser.php sql injection

A weakness has been identified in code-projects Simple Banking System 1.0. Impacted is an unknown function of the file /removeuser.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and...

CVE-2025-11358 code-projects Simple Banking System removeuser.php sql injection

A weakness has been identified in code-projects Simple Banking System 1.0. Impacted is an unknown function of the file /removeuser.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and...

CVE-2025-11358

CVE-2025-11358 affects code-projects Simple Banking System 1.0, specifically the file /removeuser.php. The weakness arises from manipulation of the ID parameter, enabling SQL injection. Exploitation can be performed remotely, and public exploits exist. Multiple connected sources corroborate the v...

CVE-2025-11357 code-projects Simple Banking System createuser.php sql injection

A security flaw has been discovered in code-projects Simple Banking System 1.0. This issue affects some unknown processing of the file /createuser.php. Performing manipulation of the argument Name results in sql injection. The attack may be initiated remotely. The exploit has been released to the...

CVE-2025-11357 code-projects Simple Banking System createuser.php sql injection

A security flaw has been discovered in code-projects Simple Banking System 1.0. This issue affects some unknown processing of the file /createuser.php. Performing manipulation of the argument Name results in sql injection. The attack may be initiated remotely. The exploit has been released to the...