PT-2025-29945 · Code Projects · Online Appointment Booking System

Name of the Vulnerable Software and Affected Versions: code-projects Online Appointment Booking System version 1.0 Description: A critical vulnerability has been identified in code-projects Online Appointment Booking System 1.0. The issue affects unknown processing of the file...

PT-2025-29973 · Unknown · Code-Projects E-Commerce Website

Name of the Vulnerable Software and Affected Versions: code-projects E-Commerce Site version 1.0 Description: A problematic issue exists in code-projects E-Commerce Site. The issue involves cross-site request forgery, potentially allowing remote attacks. The exploit for this issue has been public...

PT-2025-29964 · Code Projects · Online Appointment Booking System

Name of the Vulnerable Software and Affected Versions: code-projects Online Appointment Booking System version 1.0 Description: A critical vulnerability exists in code-projects Online Appointment Booking System. The issue involves a SQL injection vulnerability in an unknown function of the...

Code-Projects Online Ordering System 代码问题漏洞

Online Ordering System is an online ordering system. A file upload vulnerability exists in Online Ordering System that stems from a lack of valid validation of uploaded files by the parameter image in the file /admin/editproduct.php. No details of the vulnerability are available at this time...

CVE-2025-7595

A vulnerability was found in code-projects Job Diary 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view-cad.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

CVE-2025-7593

A vulnerability was found in code-projects Job Diary 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view-all.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to t...

CVE-2025-7612 code-projects Mobile Shop login.php sql injection

A vulnerability was found in code-projects Mobile Shop 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

CVE-2025-7612 code-projects Mobile Shop login.php sql injection

A vulnerability was found in code-projects Mobile Shop 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

CVE-2025-7609

A vulnerability has been found in code-projects Simple Shopping Cart 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /register.php. The manipulation of the argument ruseremail leads to sql injection. The attack can be launched remotely. The...

CVE-2025-7606

CVE-2025-7606 affects AVL Rooms 1.0, with a SQL injection in /city.php triggered by the city parameter. The vulnerability is exploitable remotely and publicly disclosed, prompting immediate attention. Reported by multiple sources (NVD, Red Hat, CVE List) across tooling ecosystems. Root cause cent...

CVE-2025-7606 code-projects AVL Rooms city.php sql injection

A vulnerability classified as critical has been found in code-projects AVL Rooms 1.0. This affects an unknown part of the file /city.php. The manipulation of the argument city leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

CVE-2025-7606 code-projects AVL Rooms city.php sql injection

A vulnerability classified as critical has been found in code-projects AVL Rooms 1.0. This affects an unknown part of the file /city.php. The manipulation of the argument city leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

CVE-2025-7605 code-projects AVL Rooms profile.php sql injection

A vulnerability was found in code-projects AVL Rooms 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /profile.php. The manipulation of the argument firstname leads to sql injection. The attack may be launched remotely. The exploit has been...

CVE-2025-7605

CVE-2025-7605 affects AVL Rooms 1.0 by Code-Projects. The vulnerability is an SQL injection in /profile.php via the first_name parameter, exploitable remotely. Exploit has been publicly disclosed. Affects unknown functionality; exploitability and impact are described as high in CVSS notes across ...

CVE-2025-7594

CVE-2025-7594 affects code-projects Job Diary 1.0. The vulnerability is a SQL injection in the /view-emp.php file, caused by unsafely using the idle parameter ID without validation, enabling remote exploitation. Public disclosures indicate an attacker can run arbitrary SQL, with potential data ac...

CVE-2025-7593 code-projects Job Diary view-all.php sql injection

A vulnerability was found in code-projects Job Diary 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view-all.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to t...

CVE-2025-7587 code-projects Online Appointment Booking System cover.php sql injection

A vulnerability was found in code-projects Online Appointment Booking System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /cover.php. The manipulation of the argument uname/psw leads to sql injection. The attack may be launched remotely. The...

CVE-2025-7587

CVE-2025-7587 affects code-projects Online Appointment Booking System 1.0 . The vulnerability is a SQL injection in the unknown functionality of the file /cover.php , triggered by manipulating the uname/psw parameter. It is remotely exploitable and has been disclosed publicly (exploit maturity: P...

CVE-2025-7581 code-projects Voting System positions_edit.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/positionsedit.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The...

CVE-2025-7580 code-projects Voting System positions_row.php sql injection

A vulnerability classified as critical was found in code-projects Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/positionsrow.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has bee...