CVE-2025-10841

A security vulnerability has been detected in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/weweee.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly...

CVE-2025-10802

A flaw has been found in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /administrator/remove.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

CVE-2025-10791

A weakness has been identified in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/index.php. This manipulation of the argument aduser causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available t...

CVE-2025-10841

A security vulnerability has been detected in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/weweee.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly...

CVE-2025-10842

CVE-2025-10842 affects code-projects Online Bidding System 1.0; the vulnerability is in /administrator/wew.php, where manipulating the ID parameter leads to SQL injection. Multiple connected sources confirm remote exploitation and publicly available exploits/PoCs. Impact details vary slightly acr...

CVE-2025-10842 code-projects Online Bidding System wew.php sql injection

A vulnerability was detected in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /administrator/wew.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used...

CVE-2025-10841 code-projects Online Bidding System weweee.php sql injection

A security vulnerability has been detected in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/weweee.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly...

CVE-2025-10841 code-projects Online Bidding System weweee.php sql injection

A security vulnerability has been detected in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/weweee.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly...

CVE-2025-10841

CVE-2025-10841 affects code-projects Online Bidding System 1.0. The vulnerability resides in the file /administrator/weweee.php, where manipulation of the ID parameter leads to SQL injection. It is exploitable remotely and has been publicly disclosed. Multiple sources consistently describe an SQL...

CVE-2025-10837

The CVE-2025-10837 entry concerns code-projects Simple Food Ordering System 1.0. Affects the file /ordersimple/order.php, where manipulation of the ID parameter enables cross-site scripting (XSS). The attack can be initiated remotely, and the exploit has been publicly disclosed. The connected sou...

CVE-2025-10837 code-projects Simple Food Ordering System order.php cross site scripting

A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /ordersimple/order.php. The manipulation of the argument ID leads to cross site scripting. The attack may be initiated remotely. The...

Code-Projects Online Hotel Reservation System In PHP SQL注入漏洞

Code-Projects Online Hotel Reservation System In PHP is a Code-Projects open source online hotel reservation system. A SQL injection vulnerability exists in Code-Projects Online Hotel Reservation System In PHP version 1.0, which originates from an incorrect manipulation of the parameter confirm i...

PT-2025-39122

Name of the Vulnerable Software and Affected Versions code-projects Online Bidding System version 1.0 Description A flaw exists in code-projects Online Bidding System that allows for SQL injection. The issue is located in the file /administrator/wew.php and involves manipulation of the ID argumen...

CVE-2025-10813 code-projects Hostel Management System index.php sql injection

A vulnerability was found in code-projects Hostel Management System 1.0. Affected is an unknown function of the file /justines/admin/modreports/index.php. The manipulation of the argument Home results in sql injection. It is possible to launch the attack remotely. The exploit has been made public...

CVE-2025-10812 code-projects Hostel Management System index.php sql injection

A vulnerability has been found in code-projects Hostel Management System 1.0. This impacts an unknown function of the file /justines/admin/modamenities/index.php?view=view. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

CVE-2025-10812

CVE-2025-10812 affects the code-projects Hostel Management System v1.0. The vulnerability is a SQL injection in the file /justines/admin/mod_amenities/index.php?view=view, triggered by manipulation of the ID parameter. It can be exploited remotely and details have been publicly disclosed. Public ...

CVE-2025-10811 code-projects Hostel Management System index.php sql injection

A flaw has been found in code-projects Hostel Management System 1.0. This affects an unknown function of the file /justines/admin/modcomments/index.php?view=view. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been...

CVE-2025-10811 code-projects Hostel Management System index.php sql injection

A flaw has been found in code-projects Hostel Management System 1.0. This affects an unknown function of the file /justines/admin/modcomments/index.php?view=view. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been...

CVE-2025-10802

A flaw has been found in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /administrator/remove.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

CVE-2025-10802 code-projects Online Bidding System remove.php sql injection

A flaw has been found in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /administrator/remove.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...