CVE-2026-5805 code-projects Easy Blog Site contact_us.php sql injection

A weakness has been identified in code-projects Easy Blog Site up to 1.0. The impacted element is an unknown function of the file /users/contactus.php. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The exploit has been made available...

CVE-2026-5805

Code-projects Easy Blog Site (up to version 1.0) contains a SQL injection in /users/contact_us.php where manipulating the Name parameter can trigger database queries remotely. The vulnerability’s exploitability is network-based with low impact on confidentiality, integrity, and availability, and ...

Code-Projects Easy Blog Site 代码注入漏洞

Code-Projects Easy Blog Site is an easy blog website developed by Code-Projects as open source. Version 1.0 of code-projects Easy Blog Site has a code injection vulnerability, which stems from the handling of the parameter postTitle in the file posts/update.php. This vulnerability may lead to...

CVE-2026-5649

A vulnerability has been found in code-projects Online Application System for Admission 1.0. This issue affects some unknown processing of the file /enrollment/admsnform.php of the component Endpoint. Such manipulation leads to sql injection. The attack can be executed remotely. The exploit has...

CVE-2026-5665

A security vulnerability has been detected in code-projects Online FIR System 1.0. Affected by this vulnerability is an unknown functionality of the file /Login/checklogin.php of the component Login. The manipulation of the argument email/password leads to sql injection. The attack is possible to...

CVE-2026-5705 code-projects Online Hotel Booking Booking Endpoint booknow.php cross site scripting

A vulnerability was identified in code-projects Online Hotel Booking 1.0. Affected by this vulnerability is an unknown functionality of the file /booknow.php of the component Booking Endpoint. Such manipulation of the argument roomname leads to cross site scripting. It is possible to launch the...

CVE-2026-5705

The CVE-2026-5705 entry describes a cross-site scripting vulnerability in code-projects Online Hotel Booking 1.0. Affected is an unknown functionality in the Booking Endpoint at /booknow.php, where manipulation of the roomname argument enables XSS. Attacks can be launched remotely and the exploit...

CVE-2026-5705 code-projects Online Hotel Booking Booking Endpoint booknow.php cross site scripting

A vulnerability was identified in code-projects Online Hotel Booking 1.0. Affected by this vulnerability is an unknown functionality of the file /booknow.php of the component Booking Endpoint. Such manipulation of the argument roomname leads to cross site scripting. It is possible to launch the...

CVE-2026-5672 code-projects Simple IT Discussion Forum Parameter edit-category.php sql injection

A vulnerability has been found in code-projects Simple IT Discussion Forum 1.0. Affected by this issue is some unknown functionality of the file /edit-category.php of the component Parameter Handler. The manipulation of the argument catid leads to sql injection. It is possible to initiate the...

CVE-2026-5672 code-projects Simple IT Discussion Forum Parameter edit-category.php sql injection

A vulnerability has been found in code-projects Simple IT Discussion Forum 1.0. Affected by this issue is some unknown functionality of the file /edit-category.php of the component Parameter Handler. The manipulation of the argument catid leads to sql injection. It is possible to initiate the...

CVE-2026-5666

Code-projects Online FIR System 1.0 is affected. The vulnerability lies in the SQL Database Backup File Handler’s /complaints.sql functionality, where manipulation leads to insecure storage of sensitive information. Attack surface is network-based with no authentication required (per CVSS data), ...

CVE-2026-5666 code-projects Online FIR System SQL Database Backup File complaints.sql sensitive information

A vulnerability was detected in code-projects Online FIR System 1.0. Affected by this issue is some unknown functionality of the file /complaints.sql of the component SQL Database Backup File Handler. The manipulation results in insecure storage of sensitive information. The attack may be perform...

CVE-2026-5666 code-projects Online FIR System SQL Database Backup File complaints.sql sensitive information

A vulnerability was detected in code-projects Online FIR System 1.0. Affected by this issue is some unknown functionality of the file /complaints.sql of the component SQL Database Backup File Handler. The manipulation results in insecure storage of sensitive information. The attack may be perform...

CVE-2026-5665 code-projects Online FIR System Login checklogin.php sql injection

A security vulnerability has been detected in code-projects Online FIR System 1.0. Affected by this vulnerability is an unknown functionality of the file /Login/checklogin.php of the component Login. The manipulation of the argument email/password leads to sql injection. The attack is possible to...

CVE-2026-5665 code-projects Online FIR System Login checklogin.php sql injection

A security vulnerability has been detected in code-projects Online FIR System 1.0. Affected by this vulnerability is an unknown functionality of the file /Login/checklogin.php of the component Login. The manipulation of the argument email/password leads to sql injection. The attack is possible to...

CVE-2026-5665

CVE-2026-5665 affects code-projects Online FIR System 1.0. The vulnerability is an SQL injection in the Login component, specifically the /Login/checklogin.php function, caused by unsafely handling the email/password inputs. Exploitation is remote and public disclosures exist; CVSS data indicate ...

CVE-2026-5649

CVE-2026-5649 affects code-projects Online Application System for Admission 1.0, specifically the Endpoint’s file /enrollment/admsnform.php. The issue is a SQL injection caused by some unknown processing in that endpoint, allowing remote execution. Public exploit existence is stated, and the expl...

CVE-2026-5648 code-projects Simple Laundry System Parameter userfinishregister.php sql injection

A flaw has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /userfinishregister.php of the component Parameter Handler. This manipulation of the argument firstName causes sql injection. Remote exploitation of the attack is possible. The...

CVE-2026-5647 code-projects Online Shoe Store Add Product admin_feature.php cross site scripting

A vulnerability was detected in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /admin/adminfeature.php of the component Add Product Page. The manipulation of the argument productname results in cross site scripting. The attack may be launched remotely. The exploit i...

CVE-2026-5647

CVE-2026-5647 affects code-projects Online Shoe Store 1.0. The vulnerability is in the admin feature for adding products, specifically through an XSS condition triggered by manipulating the product_name parameter in /admin/admin_feature.php. The issue is exploitable remotely, and public exploit d...