PT-2025-27348 · Unknown · Code-Projects Simple Forum

Name of the Vulnerable Software and Affected Versions: code-projects Simple Forum version 1.0 Description: A critical issue has been discovered, affecting an unknown part of the file /forum viewfile.php. The manipulation of the Name argument leads to SQL injection. This issue can be exploited...

PT-2025-27344 · Unknown · Code-Projects Simple Photo Gallery

Name of the Vulnerable Software and Affected Versions: code-projects Simple Photo Gallery version 1.0 Description: A critical issue was found in the code-projects Simple Photo Gallery. The problem is related to an unknown function of the file /upload-photo.php. The manipulation of the file img...

CVE-2025-6834 code-projects Inventory Management System editPayment.php sql injection

A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /phpaction/editPayment.php. The manipulation of the argument orderId leads to sql injection. The attack can be initiated remotely. The...

CVE-2025-6828

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /orders.php. The manipulation of the argument i leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-6828

CVE-2025-6828 affects code-projects Inventory Management System 1.0, with SQL injection in /orders.php via the i parameter. Root cause: unsafely handled input in orders.php allows remote attacker to manipulate SQL statements. Multiple sources (NVD, RH) describe it as critical with remote, unauthe...

CVE-2025-6827 code-projects Inventory Management System editOrder.php sql injection

A vulnerability, which was classified as critical, was found in code-projects Inventory Management System 1.0. This affects an unknown part of the file /phpaction/editOrder.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...

CVE-2025-6827

The CVE-2025-6827 entry pertains to code-projects Inventory Management System 1.0. The vulnerability is in /php_action/editOrder.php and is caused by insufficient input filtering, leading to a SQL injection. Impact is described as remote, with high/critical potential across confidentiality, integ...

CVE-2025-6826 code-projects Payroll Management System ajax.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Payroll Management System 1.0. Affected by this issue is some unknown functionality of the file /PayrollManagementSystem/ajax.php?action=savedepartment. The manipulation of the argument ID leads to sql injection. T...

CVE-2025-6826

The CVE-2025-6826 entry concerns code-projects Payroll Management System 1.0 where the vulnerability resides in /Payroll_Management_System/ajax.php?action=save_department. The root cause is an SQL injection caused by manipulation of the ID parameter, enabling remote exploitation. Public disclosur...

CVE-2025-6823

CVE-2025-6823 affects code-projects Inventory Management System 1.0. The vulnerability arises from improper handling of the editProductName parameter in /php_action/editProduct.php, enabling SQL injection. Exploitation is described as remote and the exploit has been disclosed publicly. Connected ...

CVE-2025-6823 code-projects Inventory Management System editProduct.php sql injection

A vulnerability was found in code-projects Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /phpaction/editProduct.php. The manipulation of the argument editProductName leads to sql injection. The attack may be initiated...

CVE-2025-6822 code-projects Inventory Management System removeProduct.php sql injection

A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /phpaction/removeProduct.php. The manipulation of the argument productId leads to sql injection. The attack can be initiated remotely...

CVE-2025-6821

Code-projects Inventory Management System 1.0 contains a SQL injection in /php_action/createOrder.php due to insufficient input filtering. The vulnerability allows remote exploitation and is publicly disclosed; multiple sources corroborate manipulation of the database and potential data exposure....

CVE-2025-6821 code-projects Inventory Management System createOrder.php sql injection

A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /phpaction/createOrder.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-6820 code-projects Inventory Management System createProduct.php sql injection

A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /phpaction/createProduct.php. The manipulation of the argument productName leads to sql injection. The attack may be launched...

CVE-2025-6820

CVE-2025-6820 affects code-projects Inventory Management System 1.0, specifically the file /php_action/createProduct.php where the productName parameter can be manipulated to trigger SQL injection. The issue is exploitable remotely, and public exploitation has been disclosed. Concrete remediation...

CVE-2025-6819 code-projects Inventory Management System removeBrand.php sql injection

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /phpaction/removeBrand.php. The manipulation of the argument brandId leads to sql injection. The attack can be launche...

PT-2025-27322 · Unknown · Code-Projects Inventory Management System

Name of the Vulnerable Software and Affected Versions: code-projects Inventory Management System version 1.0 Description: A critical issue has been found, affecting an unknown part of the file /php action/createOrder.php, leading to sql injection. The manipulation can be initiated remotely...

PT-2025-27324 · Code Projects · Code-Projects Inventory Management System

Name of the Vulnerable Software and Affected Versions: code-projects Inventory Management System version 1.0 Description: A critical issue affects the processing of the file /php action/editProduct.php, where the manipulation of the editProductName argument leads to SQL injection. The attack can ...

PT-2025-27320 · Code Projects · Code-Projects Inventory Management System

Name of the Vulnerable Software and Affected Versions: code-projects Inventory Management System version 1.0 Description: A critical issue affects some unknown functionality of the file /php action/createProduct.php. The manipulation of the productName argument leads to SQL injection. The attack...