CVE-2023-7126

A vulnerability classified as critical has been found in code-projects Automated Voting System 1.0. This affects an unknown part of the file /admin/ of the component Admin Login. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public and may...

Sql injection

A vulnerability classified as critical has been found in code-projects Automated Voting System 1.0. This affects an unknown part of the file /admin/ of the component Admin Login. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public and may...

CVE-2023-7126

The CVE-2023-7126 entry affects code-projects Automated Voting System 1.0, specifically the Admin Login component’s /admin/ path. The root cause is a SQL injection via the username parameter in the Admin Login workflow, with public exploitation noted. Mitigations documented in connected sources i...

Cross site scripting

A vulnerability, which was classified as problematic, was found in code-projects E-Commerce Site 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument keyword with the input leads to cross site scripting. It is possible to launch the attack remotely. The...

CVE-2023-7124

CVE-2023-7124 affects code-projects E-Commerce Site 1.0. the vulnerability is in an unknown function of search.php, where the keyword parameter can be crafted as to trigger a cross-site scripting (XSS). The issue is exploitable remotely and the exploit has been disclosed publicly. Connected sour...

PT-2023-32892 · Code Projects · Code-Projects Intern Membership Management System

Name of the Vulnerable Software and Affected Versions: code-projects Intern Membership Management System version 2.0 Description: A critical issue was found in the User Registration component, specifically in the /user registration/ file. The manipulation of the userName argument leads to SQL...

PT-2023-32896 · Unknown · Code-Projects Patient Record Management System

Name of the Vulnerable Software and Affected Versions: code-projects Record Management System version 1.0 Description: A problematic issue has been discovered, affecting an unknown function of the file /main/offices.php of the component Offices Handler. The manipulation of the argument officename...

PT-2023-32886 · Unknown · Code-Projects E-Commerce Website

Name of the Vulnerable Software and Affected Versions: code-projects E-Commerce Site version 1.0 Description: A problematic issue was found in the code-projects E-Commerce Site, affecting an unknown function of the file search.php. The manipulation of the keyword argument with the input leads to...

CVE-2023-7111

A vulnerability, which was classified as critical, was found in code-projects Library Management System 2.0. Affected is an unknown function of the file index.php. The manipulation of the argument category leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

Sql injection

A vulnerability, which was classified as critical, was found in code-projects Library Management System 2.0. Affected is an unknown function of the file index.php. The manipulation of the argument category leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2023-7111 code-projects Library Management System index.php sql injection

A vulnerability, which was classified as critical, was found in code-projects Library Management System 2.0. Affected is an unknown function of the file index.php. The manipulation of the argument category leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2023-7111

The CVE-2023-7111 entry describes a SQL injection in code-projects Library Management System 2.0, affecting the category parameter in index.php. Multiple connected sources confirm remote exploitation and public disclosure (VDB-249006). The underlying issue is lack of input validation in the categ...

CVE-2023-7110

CVE-2023-7110 affects code-projects Library Management System 2.0. The vulnerability resides in login.php where manipulation of the student parameter enables SQL injection. It is exploitable remotely and has been publicly disclosed. Affected software is Library Management System 2.0; root cause i...

CVE-2023-7109 code-projects Library Management System login.php sql injection

A vulnerability classified as critical was found in code-projects Library Management System 2.0. This vulnerability affects unknown code of the file /admin/login.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2023-7109 code-projects Library Management System login.php sql injection

A vulnerability classified as critical was found in code-projects Library Management System 2.0. This vulnerability affects unknown code of the file /admin/login.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2023-7109

The CVE-2023-7109 entry applies to code-projects Library Management System 2.0, specifically the /admin/login.php file. The vulnerability is a SQL injection caused by manipulation of the username parameter, exploitable remotely. Public disclosure of the exploit is noted. Impact is described in al...

CVE-2023-7108 code-projects E-Commerce Website user_signup.php cross site scripting

A vulnerability classified as problematic has been found in code-projects E-Commerce Website 1.0. This affects an unknown part of the file usersignup.php. The manipulation of the argument firstname with the input leads to cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2023-7108

CVE-2023-7108 describes a cross-site scripting vulnerability in code-projects’ E-Commerce Website 1.0. The issue resides in an unknown part of the file user_signup.php, where the argument firstname can be injected with a payload such as , enabling remote initiation of the attack. Affected product...

CVE-2023-7108 code-projects E-Commerce Website user_signup.php cross site scripting

A vulnerability classified as problematic has been found in code-projects E-Commerce Website 1.0. This affects an unknown part of the file usersignup.php. The manipulation of the argument firstname with the input leads to cross site scripting. It is possible to initiate the attack remotely. The...

PT-2023-32879 · Unknown · Code-Projects Library Management System

Name of the Vulnerable Software and Affected Versions: code-projects Library Management System version 2.0 Description: A critical issue was found in the code-projects Library Management System, affecting the file /admin/login.php. The manipulation of the username argument leads to SQL injection...