CVE-2025-56289

code-projects Document Management System 1.0 has a Cross Site Scripting XSS vulnerability, where attackers can leak admin's cookie information by entering malicious XSS code in the Company field when adding files...

Code-Projects Food Ordering Review System 安全漏洞

Code-Projects Food Ordering Review System is an open source food ordering review system from Code-Projects. A security vulnerability exists in Code-Projects Food Ordering Review System version 1.0, which stems from incorrect handling of input in the user-submitted ordering information area and...

CVE-2025-56289

code-projects Document Management System 1.0 has a Cross Site Scripting XSS vulnerability, where attackers can leak admin's cookie information by entering malicious XSS code in the Company field when adding files...

Code-Projects Food Ordering Review System 安全漏洞

Code-Projects Food Ordering Review System is an open source food ordering review system from Code-Projects. A security vulnerability exists in Code-Projects Food Ordering Review System version 1.0, which stems from a failure to validate user name input in the registration function, which could le...

Code-Projects Document Management System 安全漏洞

Code-Projects Document Management System is an open source document management system from Code-Projects. A security vulnerability exists in Code-Projects Document Management System version 1.0, which stems from a failure to filter malicious cross-site scripting code in the Company field when...

CVE-2025-56293

code-projects Human Resource Integrated System 1.0 is vulnerable to Cross Site Scripting XSS in the Add Child Information section in the Childs Name field...

CVE-2025-10104

A security vulnerability has been detected in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /reviewsearch.php. The manipulation of the argument txtsearch leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-10102

A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown function of the file /index.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has been release...

CVE-2025-10104

The CVE-2025-10104 entry concerns code-projects Online Event Judging System 1.0. Affected is the /review_search.php component where the txtsearch parameter can be manipulated to perform SQL injection. The vulnerability enables remote exploitation, and multiple sources note that the exploit has be...

CVE-2025-10104 code-projects Online Event Judging System review_search.php sql injection

A security vulnerability has been detected in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /reviewsearch.php. The manipulation of the argument txtsearch leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-10104 code-projects Online Event Judging System review_search.php sql injection

A security vulnerability has been detected in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /reviewsearch.php. The manipulation of the argument txtsearch leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-10102

A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown function of the file /index.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has been release...

CVE-2025-10103

CVE-2025-10103 affects code-projects Online Event Judging System 1.0. The vulnerability is a SQL injection in the /home.php file caused by manipulation of the main_event argument, potentially exploitable remotely. Multiple connected sources confirm this issue and note that the exploit has been pu...

CVE-2025-10102

The CVE-2025-10102 entry concerns code-projects Online Event Judging System 1.0. The vulnerability is a SQL injection in the /index.php file caused by manipulating the Username parameter; it is exploitable remotely and the exploit has been publicly released. Multiple connected sources corroborate...

CVE-2025-10102 code-projects Online Event Judging System index.php sql injection

A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown function of the file /index.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has been release...

CVE-2025-10102 code-projects Online Event Judging System index.php sql injection

A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown function of the file /index.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has been release...

Code-Projects Online Event Judging System 安全漏洞

Code-Projects Online Event Judging System is an open source online event judging system from Code-Projects. A security vulnerability exists in code-projects Online Event Judging System version 1.0, which stems from a SQL injection due to incorrect manipulation of the mainevent parameter...

CVE-2025-9929 code-projects Responsive Blog Site blogs_view.php cross site scripting

A weakness has been identified in code-projects Responsive Blog Site 1.0. This affects an unknown function of the file blogsview.php. Executing manipulation of the argument productcode/genname/productname/supplier can lead to cross site scripting. It is possible to launch the attack remotely. The...

CVE-2025-9929

The CVE-2025-9929 entry concerns Code-Projects Responsive Blog Site 1.0. A vulnerability in blogs_view.php arises from improper manipulation of the parameters product_code, gen_name, product_name, and supplier, enabling cross-site scripting. The issue appears exploitable remotely and an exploit h...

CVE-2025-9929 code-projects Responsive Blog Site blogs_view.php cross site scripting

A weakness has been identified in code-projects Responsive Blog Site 1.0. This affects an unknown function of the file blogsview.php. Executing manipulation of the argument productcode/genname/productname/supplier can lead to cross site scripting. It is possible to launch the attack remotely. The...