CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2025/07/10 8:15 p.m.•5 views

CVE-2025-7413

A vulnerability classified as critical has been found in code-projects Library System 1.0. This affects an unknown part of the file /user/teacher/profile.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been...

8.8CVSS0.00283EPSS

Cvelist•added 2025/07/10 8:2 p.m.•8 views

CVE-2025-7413 code-projects Library System profile.php unrestricted upload

6.5CVSS0.00283EPSS

CVE•added 2025/07/10 8:2 p.m.•16 views

CVE-2025-7413

The CVE-2025-7413 issue affects code-projects Library System 1.0, specifically the /user/teacher/profile.php file. The root cause is improper handling/validation of the image parameter, which allows unrestricted file uploads. This enables remote initiation of an attack and matches the reported pu...

8.8CVSS7.2AI score0.00283EPSS

Vulnrichment•added 2025/07/10 7:32 p.m.•2 views

CVE-2025-7412 code-projects Library System profile.php unrestricted upload

6.5CVSS7.1AI score0.00283EPSS

CVE•added 2025/07/10 7:32 p.m.•25 views

CVE-2025-7412

CVE-2025-7412 concerns code-projects Library System 1.0. The vulnerability lies in /user/student/profile.php where manipulation of the image parameter enables unrestricted file upload. Allied reports (Red Hat, NVD, CNVD, PT-Security, CNVD, etc.) consistently describe the issue as a critical, remo...

8.8CVSS6.5AI score0.00283EPSS

Cvelist•added 2025/07/10 7:32 p.m.•7 views

CVE-2025-7412 code-projects Library System profile.php unrestricted upload

6.5CVSS0.00283EPSS

Vulnrichment•added 2025/07/10 7:2 p.m.•3 views

CVE-2025-7411 code-projects LifeStyle Store success.php sql injection

A vulnerability was found in code-projects LifeStyle Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /success.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has...

7.5CVSS7.6AI score0.00204EPSS

RedhatCVE•added 2025/07/10 6:24 p.m.•4 views

CVE-2025-7188

A vulnerability classified as critical was found in code-projects Chat System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/addmember.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been...

8.8CVSS7.7AI score0.00197EPSS

NVD•added 2025/07/10 5:15 p.m.•4 views

CVE-2025-7410

A vulnerability was found in code-projects LifeStyle Store 1.0. It has been classified as critical. Affected is an unknown function of the file /cartremove.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

9.8CVSS0.00204EPSS

CVE•added 2025/07/10 5:2 p.m.•23 views

CVE-2025-7410

Summary: CVE-2025-7410 affects LifeStyle Store 1.0 from Code-Projects. The issue is a vulnerability in the /cart_remove.php file where manipulating the ID argument enables SQL injection. The vulnerability is remote and the exploit has been disclosed publicly. Affected component: LifeStyle Store 1...

9.8CVSS7.5AI score0.00204EPSS

Vulnrichment•added 2025/07/10 5:2 p.m.•4 views

CVE-2025-7410 code-projects LifeStyle Store cart_remove.php sql injection

7.5CVSS7.6AI score0.00204EPSS

CVE•added 2025/07/10 4:32 p.m.•16 views

CVE-2025-7409

CVE-2025-7409 affects code-projects Mobile Shop 1.0. The vulnerability arises from insecure handling of the email parameter in /LoginAsAdmin.php, enabling SQL injection. Exploitation can be performed remotely and has been publicly disclosed in multiple sources, with high/severe impact potential o...

9.8CVSS7.5AI score0.00204EPSS

RedhatCVE•added 2025/07/10 4:28 p.m.•4 views

CVE-2025-7185

A vulnerability was found in code-projects Library System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /approve.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to th...

9.8CVSS7.8AI score0.00277EPSS

RedhatCVE•added 2025/07/10 11:22 a.m.•10 views

CVE-2025-7174

A vulnerability was found in code-projects Library System 1.0 and classified as critical. This issue affects some unknown processing of the file /teacher-issue-book.php. The manipulation of the argument idn leads to sql injection. The attack may be initiated remotely. The exploit has been disclos...

9.8CVSS7.7AI score0.00277EPSS

RedhatCVE•added 2025/07/10 10:25 a.m.•4 views

CVE-2025-7173

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-student.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclos...

9.8CVSS7.9AI score0.00277EPSS

RedhatCVE•added 2025/07/10 8:25 a.m.•5 views

CVE-2025-7169

A vulnerability classified as critical has been found in code-projects Crime Reporting System 1.0. Affected is an unknown function of the file /complainerpage.php. The manipulation of the argument location leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS7.8AI score0.00277EPSS