CVE-2025-6846 code-projects Simple Forum forum_viewfile.php sql injection

A vulnerability classified as critical has been found in code-projects Simple Forum 1.0. This affects an unknown part of the file /forumviewfile.php. The manipulation of the argument Name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2025-6845

CVE-2025-6845 affects code-projects Simple Forum version 1.0. The vulnerability is in the file /register1.php where manipulating the User parameter enables SQL injection. The issue can be exploited remotely and has been publicly disclosed. Public sources describe the vulnerability with various CV...

CVE-2025-6845 code-projects Simple Forum register1.php sql injection

A vulnerability was found in code-projects Simple Forum 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /register1.php. The manipulation of the argument User leads to sql injection. The attack may be launched remotely. The exploit has been...

CVE-2025-6844

A vulnerability was found in code-projects Simple Forum 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /signin.php. The manipulation of the argument User leads to sql injection. The attack can be launched remotely. The exploit has bee...

CVE-2025-6842

A vulnerability was found in code-projects Product Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/edituser.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-6844 code-projects Simple Forum signin.php sql injection

A vulnerability was found in code-projects Simple Forum 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /signin.php. The manipulation of the argument User leads to sql injection. The attack can be launched remotely. The exploit has bee...

CVE-2025-6844

CVE-2025-6844 relates to code-projects Simple Forum 1.0, where the /signin.php endpoint’s parameter User is vulnerable to SQL injection. Multiple connected sources (NVD, Red Hat, CNVD/CNNVD, PT Security enrichment) confirm remote exploitation and public disclosure, with potential data theft impli...

CVE-2025-6843

The CVE-2025-6843 entry concerns code-projects Simple Photo Gallery v1.0. The vulnerability is in an unknown function of the file /upload-photo.php, where manipulating the file_img parameter enables unrestricted file upload over the network and can be exploited remotely. Public disclosure of the ...

CVE-2025-6842 code-projects Product Inventory System edit_user.php sql injection

A vulnerability was found in code-projects Product Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/edituser.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-6842

CVE-2025-6842 affects Code-Projects Product Inventory System 1.0. The issue is an SQL injection in the file /admin/edit_user.php caused by manipulation of the ID parameter. It can be initiated remotely and the exploit has been disclosed publicly. Affected component: processing of the ID in edit_u...

CVE-2025-6842 code-projects Product Inventory System edit_user.php sql injection

A vulnerability was found in code-projects Product Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/edituser.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-6841 code-projects Product Inventory System edit_product.php sql injection

A vulnerability has been found in code-projects Product Inventory System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/editproduct.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has be...

CVE-2025-6841

CVE-2025-6841 affects code-projects Product Inventory System 1.0. The vulnerability is an SQL injection in the /admin/edit_product.php file caused by manipulation of the ID parameter. It can be exploited remotely and has public disclosure. Connected sources corroborate a critical risk profile wit...

CVE-2025-6841 code-projects Product Inventory System edit_product.php sql injection

A vulnerability has been found in code-projects Product Inventory System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/editproduct.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has be...

CVE-2025-6840 code-projects Product Inventory System Login index.php sql injection

A vulnerability, which was classified as critical, was found in code-projects Product Inventory System 1.0. This affects an unknown part of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely...

CVE-2025-6840 code-projects Product Inventory System Login index.php sql injection

A vulnerability, which was classified as critical, was found in code-projects Product Inventory System 1.0. This affects an unknown part of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely...

CVE-2025-6836

A vulnerability classified as critical has been found in code-projects Library System 1.0. Affected is an unknown function of the file /profile.php. The manipulation of the argument phone leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVE-2025-6837

CVE-2025-6837 affects code-projects Library System 1.0. The vulnerability is in the file /profile.php where the image parameter can be manipulated to achieve unrestricted file upload. The issue arises from lack of validation of uploaded files, enabling remote exploitation. Multiple sources corrob...

CVE-2025-6837 code-projects Library System profile.php unrestricted upload

A vulnerability classified as critical was found in code-projects Library System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument image leads to unrestricted upload. The attack can be launched remotely. The exploit has been...

CVE-2025-6837 code-projects Library System profile.php unrestricted upload

A vulnerability classified as critical was found in code-projects Library System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument image leads to unrestricted upload. The attack can be launched remotely. The exploit has been...