CVE-2025-6835

A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student-issue-book.php. The manipulation of the argument reg leads to sql injection. The attack may be initiated remotely. The exploit has been...

PT-2025-27502 · Unknown · Code-Projects Simple Pizza Ordering System

Name of the Vulnerable Software and Affected Versions: code-projects Simple Pizza Ordering System version 1.0 Description: A critical issue affects the processing of the file /editcus.php. The manipulation of the ID argument leads to SQL injection. The attack can be initiated remotely. The exploi...

PT-2025-27490 · Unknown · Code-Projects Simple Pizza Ordering System

Name of the Vulnerable Software and Affected Versions: code-projects Simple Pizza Ordering System version 1.0 Description: A critical issue was found in the code-projects Simple Pizza Ordering System. The manipulation of the ID argument leads to SQL injection in the /large.php file. This issue ca...

CVE-2025-6828

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /orders.php. The manipulation of the argument i leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-6823

A vulnerability was found in code-projects Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /phpaction/editProduct.php. The manipulation of the argument editProductName leads to sql injection. The attack may be initiated...

CVE-2025-6822

A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /phpaction/removeProduct.php. The manipulation of the argument productId leads to sql injection. The attack can be initiated remotely...

CVE-2025-6821

A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /phpaction/createOrder.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-6917 code-projects Online Hotel Booking registration.php sql injection

A vulnerability has been found in code-projects Online Hotel Booking 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/registration.php. The manipulation of the argument uname leads to sql injection. The attack can be initiated remotely. The exploit has be...

CVE-2025-6902

CVE-2025-6902 affects code-projects Inventory Management System 1.0, specifically the /php_action/editUser.php endpoint where the edituserName parameter enables SQL injection. The vulnerability allows remote exploitation and was disclosed publicly. Multiple sources corroborate an SQL injection or...

CVE-2025-6901

The CVE-2025-6901 entry refers to code-projects Inventory Management System 1.0 with a SQL injection in the userid parameter of the /php_action/removeUser.php endpoint. The vulnerability is remote-exploitable and has publicly disclosed exploits. Connected sources consistently identify the affecte...

CVE-2025-6900

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-book.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclos...

CVE-2025-6900

The CVE-2025-6900 entry affects code-projects Library System 1.0, with the flaw located in /add-book.php where the image parameter allows unrestricted file uploads. This remote, publicly disclosed vulnerability could enable attackers to upload arbitrary files. Several sources (NVD, Red Hat, CNNVD...

CVE-2025-6900 code-projects Library System add-book.php unrestricted upload

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-book.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclos...

CVE-2025-6900 code-projects Library System add-book.php unrestricted upload

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-book.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclos...

CVE-2025-6891

CVE-2025-6891 affects code-projects Inventory Management System 1.0. The vulnerability is a SQL injection driven by manipulating the Username argument in an unknown function within /php_action/createUser.php, and it can be exploited remotely. The exploitation is disclosed publicly in the provided...

CVE-2025-6883

A vulnerability classified as critical was found in code-projects Staff Audit System 1.0. This vulnerability affects unknown code of the file /updateindex.php. The manipulation of the argument updateid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to...

CVE-2025-6884

CVE-2025-6884 affects code-projects Staff Audit System 1.0. The vulnerability lies in the /search_index.php file, where unvalidated input in the Search parameter enables SQL injection. Reported as remote and exploitable, with public disclosure noted in multiple sources; impact is data confidentia...

CVE-2025-6884 code-projects Staff Audit System search_index.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /searchindex.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The exploit has...

CVE-2025-6884 code-projects Staff Audit System search_index.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /searchindex.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The exploit has...

CVE-2025-6883

Staff Audit System 1.0 contains a SQL injection vulnerability in /update_index.php via the updateid parameter. Root cause: unsanitized SQL statements from externally provided updateid. Impact: remote attacker can execute arbitrary SQL, potentially stealing data. Exploitation is publicly disclosed...