CVE-2023-7138 code-projects Client Details System HTTP POST Request admin sql injection

A vulnerability, which was classified as critical, was found in code-projects Client Details System 1.0. This affects an unknown part of the file /admin of the component HTTP POST Request Handler. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to...

CVE-2023-7138 code-projects Client Details System HTTP POST Request admin sql injection

A vulnerability, which was classified as critical, was found in code-projects Client Details System 1.0. This affects an unknown part of the file /admin of the component HTTP POST Request Handler. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to...

CVE-2023-7138

The CVE-2023-7138 entry applies to code-projects Client Details System 1.0. Affected component: HTTP POST Request Handler (file area /admin). Root cause: manipulation of the username argument enables SQL injection. Impact details in sources indicate high risk across confidentiality, integrity, an...

CVE-2023-7137

CVE-2023-7137 affects code-projects Client Details System 1.0. Multiple connected documents confirm a SQL injection in the HTTP POST Request Handler via the uemail parameter (in /clientdetails/), with the vulnerable software version reported as 1.0. The issue is described as critical, with exploi...

Cross site scripting

A vulnerability classified as problematic was found in code-projects Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /main/doctype.php of the component Document Type Handler. The manipulation of the argument docname with the input " leads to...

CVE-2023-7136

CVE-2023-7136 affects code-projects Record Management System 1.0, specifically the Document Type Handler’s /main/doctype.php. The vulnerability stems from manipulating the docname parameter with input like >, enabling cross-site scripting. Exploitation is possible remotely and the exploit has ...

CVE-2023-7135 code-projects Record Management System Offices offices.php cross site scripting

A vulnerability classified as problematic has been found in code-projects Record Management System 1.0. Affected is an unknown function of the file /main/offices.php of the component Offices Handler. The manipulation of the argument officename with the input " leads to cross site scripting. It is...

CVE-2023-7132

A vulnerability was found in code-projects Intern Membership Management System 2.0. It has been classified as problematic. This affects an unknown part of the file /userregistration/ of the component User Registration. The manipulation of the argument userName/firstName/lastName/userEmail with th...

Sql injection

A vulnerability was found in code-projects Intern Membership Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /userregistration/ of the component User Registration. The manipulation of the argument userName leads to sql injection...

CVE-2023-7132

CVE-2023-7132 affects code-projects Intern Membership Management System 2.0, specifically the User Registration component’s /user_registration/ path. The issue is a cross-site scripting vulnerability caused by reflecting manipulated values for userName, firstName, lastName, or userEmail, with pay...

CVE-2023-7132 code-projects Intern Membership Management System User Registration cross site scripting

A vulnerability was found in code-projects Intern Membership Management System 2.0. It has been classified as problematic. This affects an unknown part of the file /userregistration/ of the component User Registration. The manipulation of the argument userName/firstName/lastName/userEmail with th...

CVE-2023-7131 code-projects Intern Membership Management System User Registration sql injection

A vulnerability was found in code-projects Intern Membership Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /userregistration/ of the component User Registration. The manipulation of the argument userName leads to sql injection...

CVE-2023-7131

CVE-2023-7131 affects code-projects Intern Membership Management System 2.0, specifically the User Registration component. The vulnerability resides in the /user_registration/ file where manipulating the userName argument enables SQL injection. Exploit details are publicly disclosed; no fix detai...

Sql injection

A vulnerability, which was classified as critical, was found in code-projects Voting System 1.0. Affected is an unknown function of the component Voters Login. The manipulation of the argument voter leads to sql injection. The exploit has been disclosed to the public and may be used. The identifi...

CVE-2023-7129 code-projects Voting System Voters Login sql injection

A vulnerability, which was classified as critical, was found in code-projects Voting System 1.0. Affected is an unknown function of the component Voters Login. The manipulation of the argument voter leads to sql injection. The exploit has been disclosed to the public and may be used. The identifi...

CVE-2023-7129

The CVE-2023-7129 entry relates to code-projects Voting System 1.0, specifically a vulnerability in the Voters Login function that allows SQL injection by manipulating the voter argument. The vulnerability is described as critical with a public exploit disclosure. Exploitation status is noted in ...

CVE-2023-7128

A vulnerability, which was classified as critical, has been found in code-projects Voting System 1.0. This issue affects some unknown processing of the file /admin/ of the component Admin Login. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to th...

CVE-2023-7128 code-projects Voting System Admin Login sql injection

A vulnerability, which was classified as critical, has been found in code-projects Voting System 1.0. This issue affects some unknown processing of the file /admin/ of the component Admin Login. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to th...

CVE-2023-7127 code-projects Automated Voting System Login sql injection

A vulnerability classified as critical was found in code-projects Automated Voting System 1.0. This vulnerability affects unknown code of the component Login. The manipulation of the argument idno leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-249130 is...

CVE-2023-7127

The CVE-2023-7127 entry concerns code-projects Automated Voting System 1.0. The vulnerability affects the Login component where manipulation of the argument idno leads to SQL injection, as described in public disclosures. Exploitation information is present in the source materials, indicating a s...