EUVD-2026-21780

A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of the argument CUSTOMERID results in sql injection. It is possible to launch the attack remotely. The exploit h...

CVE-2026-6151 code-projects Vehicle Showroom Management System PaymentStatusFunction.php sql injection

A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of the argument CUSTOMERID results in sql injection. It is possible to launch the attack remotely. The exploit h...

CVE-2026-6150 code-projects Simple Laundry System checkupdatestatus.php cross site scripting

A vulnerability has been found in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /checkupdatestatus.php. The manipulation of the argument serviceId leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to t...

Code-Projects Vehicle Showroom Management System SQL注入漏洞

The Code-Projects Vehicle Showroom Management System is an open-source vehicle exhibition hall management system developed by Code-Projects. Version 1.0 of the Code-Projects Vehicle Showroom Management System contains a SQL injection vulnerability. This vulnerability arises from improper handling...

Code-Projects Vehicle Showroom Management System SQL注入漏洞

Code-Projects Vehicle Showroom Management System is an open-source automotive showroom management system developed by Code-Projects. Version 1.0 of the Code-Projects Vehicle Showroom Management System contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of the...

Faculty Management System SQL注入漏洞

The Faculty Management System is an instructor management system developed by code-projects as open source. Version 1.0 of the Faculty Management System has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the parameter ID in the file /subject-print.php, which ma...

Code-Projects Lost and Found Thing Management SQL注入漏洞

Code-Projects Lost and Found Thing Management is an open-source lost and found management tool developed by Code-Projects. Version 1.0 of Code-Projects Lost and Found Thing Management contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of the cat parameter in...

CVE-2026-6035 code-projects Vehicle Showroom Management System ServiceAndSalesReport.php cross site scripting

A vulnerability has been found in code-projects Vehicle Showroom Management System 1.0. The affected element is an unknown function of the file /BranchManagement/ServiceAndSalesReport.php. The manipulation of the argument BRANCHID leads to cross site scripting. Remote exploitation of the attack i...

CVE-2026-6034

The CVE-2026-6034 entry concerns code-projects Vehicle Showroom Management System 1.0. The vulnerability affects the file /BranchManagement/ProfitAndLossReport.php where manipulating the BRANCH_ID parameter enables cross-site scripting. The description indicates a remote attack is possible and th...

CVE-2026-6032

CVE-2026-6032 affects code-projects Simple Laundry System 1.0. The vulnerability is in /checkcheckout.php where manipulating the argument serviceId enables cross-site scripting. Exploitation is remotely possible over NETWORK with low attack complexity and no privileges required; user interaction ...

CVE-2026-6006 code-projects Patient Record Management System edit_hpatient.php sql injection

A vulnerability has been found in code-projects Patient Record Management System 1.0. The impacted element is an unknown function of the file /edithpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

CVE-2026-6006

The vulnerability affects code-projects Patient Record Management System 1.0, specifically the /edit_hpatient.php function where manipulating the ID parameter leads to a SQL injection. The issue is exploitable remotely and is described as a proof-of-concept in the provided details. No explicit re...

CVE-2026-6005

CVE-2026-6005 affects code-projects Patient Record Management System 1.0; the vulnerable component is hematology_print.php, where manipulating the hem_id parameter enables SQL injection. Exploitation is possible remotely and an exploit has been published. The provided documents do not include any...

CVE-2026-6004 code-projects Simple IT Discussion Forum delete-category.php sql injection

A vulnerability was detected in code-projects Simple IT Discussion Forum 1.0. Impacted is an unknown function of the file /delete-category.php. Performing a manipulation of the argument catid results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and m...

CVE-2026-6003

CVE-2026-6003 concerns a cross-site scripting vulnerability in the code-projects Simple IT Discussion Forum 1.0. The issue arises in the admin/user.php handler, where manipulation of the fname argument can trigger script execution in remote contexts. The vulnerability is documented with low sever...

CVE-2026-6003 code-projects Simple IT Discussion Forum user.php cross site scripting

A security vulnerability has been detected in code-projects Simple IT Discussion Forum 1.0. This issue affects some unknown processing of the file /admin/user.php. Such manipulation of the argument fname leads to cross site scripting. The attack may be performed from remote. The exploit has been...

CVE-2026-6000 code-projects Online Library Management System SQL Database Backup File library.sql information disclosure

A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...

EUVD-2026-21224

A security flaw has been discovered in code-projects Simple IT Discussion Forum 1.0. The affected element is an unknown function of the file /crud.php. The manipulation of the argument userId results in sql injection. The attack may be performed from remote. The exploit has been released to the...

Code-Projects Vehicle Showroom Management System SQL注入漏洞

The Code-Projects Vehicle Showroom Management System is an open-source system for managing automobile showrooms developed by Code-Projects. Version 1.0 of the Code-Projects Vehicle Showroom Management System contains a SQL injection vulnerability. This vulnerability arises from incorrect handling...

Code-Projects Vehicle Showroom Management System SQL注入漏洞

The Code-Projects Vehicle Showroom Management System is an open-source system for managing automobile showrooms developed by Code-Projects. Version 1.0 of the Code-Projects Vehicle Showroom Management System contains a SQL injection vulnerability. This vulnerability arises from incorrect handling...