CVE-2025-14968 code-projects Simple Stock System update.php sql injection

A security flaw has been discovered in code-projects Simple Stock System 1.0. Affected by this issue is some unknown functionality of the file /market/update.php. The manipulation of the argument email results in sql injection. The attack can be launched remotely. The exploit has been released to...

CVE-2025-14968

CVE-2025-14968 affects Code-Projects Simple Stock System 1.0, specifically the /market/update.php file. The vulnerability arises from mishandling the email parameter, enabling SQL injection. The issue is exploitable remotely and an exploit has been publicly released. Multiple connected sources co...

CVE-2025-14962 code-projects Simple Stock System chatuser.php cross site scripting

A flaw has been found in code-projects Simple Stock System 1.0. The impacted element is an unknown function of the file /market/chatuser.php. This manipulation causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been published and may be used...

CVE-2025-14962

CVE-2025-14962 affects Code-Projects Simple Stock System 1.0. The flaw resides in an unknown function in the file /market/chatuser.php, enabling cross-site scripting. Exploitation is possible remotely and an exploit has been published. Public records (NVD, Red Hat, CVE List, EUVD, CNNVD, VulnDB e...

CVE-2025-14962 code-projects Simple Stock System chatuser.php cross site scripting

A flaw has been found in code-projects Simple Stock System 1.0. The impacted element is an unknown function of the file /market/chatuser.php. This manipulation causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been published and may be used...

CVE-2025-14961

CVE-2025-14961 affects code-projects Simple Blood Donor Management System 1.0. The vulnerability is an SQL injection in the /editedcampaign.php file caused by manipulating the campaignname parameter in an unknown function. Exploitation can be remote, and publicly available exploits exist. Multipl...

CVE-2025-14960 code-projects Simple Blood Donor Management System editeddonor.php sql injection

A security vulnerability has been detected in code-projects Simple Blood Donor Management System 1.0. Impacted is an unknown function of the file /editeddonor.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit has been...

CVE-2025-14960 code-projects Simple Blood Donor Management System editeddonor.php sql injection

A security vulnerability has been detected in code-projects Simple Blood Donor Management System 1.0. Impacted is an unknown function of the file /editeddonor.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit has been...

CVE-2025-14959 code-projects Simple Stock System signup.php sql injection

A weakness has been identified in code-projects Simple Stock System 1.0. This issue affects some unknown processing of the file /market/signup.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available...

CVE-2025-14959

The CVE-2025-14959 entry affects code-projects Simple Stock System 1.0. The vulnerability is in the signup flow, specifically in the handling of the Username argument in /market/signup.php, where manipulation can lead to SQL injection. Attacks are described as remotely executable, with proof-of-c...

CVE-2025-14951

CVE-2025-14951 affects Code-Projects Scholars Tracking System 1.0. The vulnerability is in the /home.php file where manipulation of the post_content parameter enables SQL injection. It can be exploited remotely; public disclosures exist. The available connected documents corroborate impact and re...

CVE-2025-14950

A weakness has been identified in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /deletepost.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to t...

CVE-2025-14950

Code-projects Scholars Tracking System 1.0 is affected by an SQL injection in the delete_post.php handler. The vulnerability stems from improper handling of the ID parameter in the delete_post.php route, permitting remote exploitation. Multiple sources confirm that the exploit has been publicly r...

CVE-2025-14940 code-projects Scholars Tracking System delete_user.php sql injection

A vulnerability was determined in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /admin/deleteuser.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

CVE-2025-14940

CVE-2025-14940 affects Code-Projects Scholars Tracking System 1.0. The vulnerability resides in the /admin/delete_user.php file where an unknown function manipulates the ID parameter, allowing a SQL injection. This can be triggered remotely and, per multiple sources, the exploit has been publicly...

CVE-2025-14940 code-projects Scholars Tracking System delete_user.php sql injection

A vulnerability was determined in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /admin/deleteuser.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

CVE-2025-14939 code-projects Online Appointment Booking System deletemanager.php sql injection

A vulnerability was found in code-projects Online Appointment Booking System 1.0. Impacted is an unknown function of the file /admin/deletemanager.php. The manipulation of the argument managername results in sql injection. The attack may be performed from remote. The exploit has been made public...

CVE-2025-14939 code-projects Online Appointment Booking System deletemanager.php sql injection

A vulnerability was found in code-projects Online Appointment Booking System 1.0. Impacted is an unknown function of the file /admin/deletemanager.php. The manipulation of the argument managername results in sql injection. The attack may be performed from remote. The exploit has been made public...

Code-Projects Online Appointment Booking System SQL注入漏洞

Online Appointment Booking System is an online appointment booking system. Online Appointment Booking System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter managername in the file /admin/deletemanager.ph...

Code-Projects Scholars Tracking System SQL注入漏洞

Code-Projects Scholars Tracking System is an open source scholars tracking system by Code-Projects. A SQL injection vulnerability exists in Code-Projects Scholars Tracking System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /deletepost.php, which could lead...