CVE-2025-12857

The CVE-2025-12857 issue affects code-projects Responsive Hotel Site 1.0 in /admin/roombook.php where manipulating the rid parameter triggers SQL injection. Multiple connected sources corroborate a remote-exploit scenario with publicly disclosed exploit code and the potential to access or modify ...

CVE-2025-12856 code-projects Responsive Hotel Site reservation.php sql injection

A weakness has been identified in code-projects Responsive Hotel Site 1.0. Impacted is an unknown function of the file /admin/reservation.php. This manipulation of the argument email causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and...

CVE-2025-12856

CVE-2025-12856 affects code-projects Responsive Hotel Site 1.0. The vulnerability lies in the /admin/reservation.php file, where manipulation of the email parameter enables SQL injection. Several connected sources confirm remote exploitation and public availability of an exploit. Provided documen...

CVE-2025-12856 code-projects Responsive Hotel Site reservation.php sql injection

A weakness has been identified in code-projects Responsive Hotel Site 1.0. Impacted is an unknown function of the file /admin/reservation.php. This manipulation of the argument email causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and...

EUVD-2025-38249

A security flaw has been discovered in code-projects Responsive Hotel Site 1.0. This issue affects some unknown processing of the file /admin/newsletterdel.php. The manipulation of the argument eid results in sql injection. It is possible to launch the attack remotely. The exploit has been releas...

CVE-2025-12855

The CVE-2025-12855 entry covers code-projects Responsive Hotel Site 1.0, where the /admin/newsletterdel.php file is vulnerable. The root cause is lack of validation of the eid parameter, enabling SQL injection with remote exploitation. Multiple connected sources (CNVD, RH Red Hat, NVD mirrors, an...

Code-Projects Responsive Hotel Site SQL注入漏洞

Responsive Hotel Site is a responsive hotel website. Responsive Hotel Site suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter rid in the file /admin/roombook.php. An attacker can exploit this vulnerability to...

PT-2025-45421

Name of the Vulnerable Software and Affected Versions code-projects Responsive Hotel Site version 1.0 Description A security flaw exists in code-projects Responsive Hotel Site version 1.0, specifically within the processing of the /admin/newsletterdel.php file. Manipulation of the eid argument ca...

CVE-2025-12593

CVE-2025-12593 affects code-projects Simple Online Hotel Reservation System 2.0. The Photo Handler component, via /admin/edit_room.php, lacks validation for uploaded files, enabling unrestricted file uploads. Exploitation is possible remotely and a public exploit exists. Connected sources do not ...

CVE-2025-12593 code-projects Simple Online Hotel Reservation System Photo edit_room.php unrestricted upload

A vulnerability was identified in code-projects Simple Online Hotel Reservation System 2.0. The impacted element is an unknown function of the file /admin/editroom.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack is possible to be carried out remotely...

PT-2025-44732

Name of the Vulnerable Software and Affected Versions code-projects Simple Online Hotel Reservation System version 2.0 Description A security flaw exists in code-projects Simple Online Hotel Reservation System 2.0. The issue involves a SQL injection affecting an unknown function within the...

CVE-2025-63622

A vulnerability was found in code-projects Online Complaint Site 1.0. This issue affects some unknown processing of the file /cms/admin/subcategory.php. This manipulation of the argument category causes SQL injection...

EUVD-2025-36669

A vulnerability was found in code-projects Online Complaint Site 1.0. This issue affects some unknown processing of the file /cms/admin/subcategory.php. This manipulation of the argument category causes SQL injection...

CVE-2025-63622

A vulnerability was found in code-projects Online Complaint Site 1.0. This issue affects some unknown processing of the file /cms/admin/subcategory.php. This manipulation of the argument category causes SQL injection...

CVE-2025-63622

A vulnerability was found in code-projects Online Complaint Site 1.0. This issue affects some unknown processing of the file /cms/admin/subcategory.php. This manipulation of the argument category causes SQL injection...

PT-2025-44307

Name of the Vulnerable Software and Affected Versions code-projects Online Complaint Site version 1.0 Description A flaw exists in the processing of the file '/cms/admin/subcategory.php' within the software. The issue involves a SQL injection that occurs due to manipulation of the category...

Code-Projects Online Complaint Site 安全漏洞

Code-Projects Online Complaint Site is an online complaint site for Code-Projects. A security vulnerability exists in Code-Projects Online Complaint Site version 1.0, which stems from incorrect manipulation of the parameter category in the file /cms/admin/subcategory.php, which could lead to a SQ...

CVE-2025-12334

A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/productadd.php. The manipulation of the argument prodname/proddesc/prodcost results in cross site scripting. It is possible to launch the attack remotely. The exploit has been mad...

CVE-2025-12282

A vulnerability was identified in code-projects Client Details System 1.0. The affected element is an unknown function of the file /admin/manage-users.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used...

CVE-2025-12263

A vulnerability was identified in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /editjudge.php. The manipulation of the argument judgeid leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...