CVE-2025-11605 code-projects Client Details System update-profile.php sql injection

A vulnerability was identified in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/update-profile.php. Such manipulation of the argument uid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...

CVE-2025-11600

The CVE-2025-11600 entry corresponds to a SQL injection in code-projects Simple Food Ordering System 1.0, specifically in the editcategory.php file where the cname parameter is not validated. This vulnerability enables remote attackers to manipulate SQL statements via the cname argument, potentia...

CVE-2025-11600 code-projects Simple Food Ordering System editcategory.php sql injection

A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Affected is an unknown function of the file editcategory.php. Such manipulation of the argument cname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

CVE-2025-11600 code-projects Simple Food Ordering System editcategory.php sql injection

A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Affected is an unknown function of the file editcategory.php. Such manipulation of the argument cname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

CVE-2025-11597

A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/productaddqty.php. The manipulation of the argument prodid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly...

CVE-2025-11597 code-projects E-Commerce Website product_add_qty.php sql injection

A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/productaddqty.php. The manipulation of the argument prodid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly...

CVE-2025-11597 code-projects E-Commerce Website product_add_qty.php sql injection

A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/productaddqty.php. The manipulation of the argument prodid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly...

CVE-2025-11597

Summary: CVE-2025-11597 affects the code-projects E-Commerce Website 1.0. The vulnerability resides in the file /pages/product_add_qty.php, where the argument prod_id is not validated, leading to SQL injection. Multiple sources corroborate a remote-exploit scenario with publicly available exploit...

CVE-2025-11596

A vulnerability was determined in code-projects E-Commerce Website 1.0. The affected element is an unknown function of the file /pages/deleteorderdetails.php. Executing manipulation of the argument orderid can lead to sql injection. The attack can be executed remotely. The exploit has been public...

CVE-2025-11596 code-projects E-Commerce Website delete_order_details.php sql injection

A vulnerability was determined in code-projects E-Commerce Website 1.0. The affected element is an unknown function of the file /pages/deleteorderdetails.php. Executing manipulation of the argument orderid can lead to sql injection. The attack can be executed remotely. The exploit has been public...

CVE-2025-11596 code-projects E-Commerce Website delete_order_details.php sql injection

A vulnerability was determined in code-projects E-Commerce Website 1.0. The affected element is an unknown function of the file /pages/deleteorderdetails.php. Executing manipulation of the argument orderid can lead to sql injection. The attack can be executed remotely. The exploit has been public...

PT-2025-41685

Name of the Vulnerable Software and Affected Versions code-projects E-Commerce Website version 1.0 Description A flaw exists in code-projects E-Commerce Website 1.0 where manipulation of the prod id argument in the file /pages/product add qty.php can lead to SQL injection. This issue is potential...

CVE-2025-11558

A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/userindexsearch.php. Performing manipulation of the argument Search results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public a...

CVE-2025-11585 code-projects Project Monitoring System useredit.php sql injection

A vulnerability was found in code-projects Project Monitoring System 1.0. The impacted element is an unknown function of the file /useredit.php. The manipulation of the argument uid results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2025-11585

CVE-2025-11585 affects code-projects Project Monitoring System 1.0. The vulnerability is a SQL injection in the /useredit.php script caused by unsafely handling the uid parameter. Exploitation is remote and the exploit/public PoC has been reported in multiple sources (CNVD, RH, CNNVD, CVE referen...

CVE-2025-11584

The CVE-2025-11584 entry concerns code-projects Online Job Search Engine 1.0. Multiple connected sources confirm a SQL injection vulnerability in /searchjob.php, triggered by manipulating the txtspecialization parameter. This is described as remotely exploitable with the exploit publicly disclose...

CVE-2025-11584 code-projects Online Job Search Engine searchjob.php sql injection

A vulnerability has been found in code-projects Online Job Search Engine 1.0. The affected element is an unknown function of the file /searchjob.php. The manipulation of the argument txtspecialization leads to sql injection. Remote exploitation of the attack is possible. The exploit has been...

CVE-2025-11584 code-projects Online Job Search Engine searchjob.php sql injection

A vulnerability has been found in code-projects Online Job Search Engine 1.0. The affected element is an unknown function of the file /searchjob.php. The manipulation of the argument txtspecialization leads to sql injection. Remote exploitation of the attack is possible. The exploit has been...

CVE-2025-11583

CVE-2025-11583 affects code-projects Online Job Search Engine 1.0, specifically the /postjob.php file. A vulnerability in the txtjobID parameter allows remote SQL injection due to lack of input validation, enabling an attacker to execute arbitrary SQL commands against the database and potentially...

CVE-2025-11583 code-projects Online Job Search Engine postjob.php sql injection

A flaw has been found in code-projects Online Job Search Engine 1.0. Impacted is an unknown function of the file /postjob.php. Executing manipulation of the argument txtjobID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...