CVE-2025-11358 code-projects Simple Banking System removeuser.php sql injection

A weakness has been identified in code-projects Simple Banking System 1.0. Impacted is an unknown function of the file /removeuser.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and...

CVE-2025-11358 code-projects Simple Banking System removeuser.php sql injection

A weakness has been identified in code-projects Simple Banking System 1.0. Impacted is an unknown function of the file /removeuser.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and...

CVE-2025-11357

The CVE-2025-11357 entry concerns code-projects Simple Banking System 1.0, with a SQL injection in the /createuser.php endpoint via the Name parameter due to insufficient input validation. Public exploitation is indicated, and remote initiation is possible. Multiple connected sources corroborate ...

CVE-2025-11357 code-projects Simple Banking System createuser.php sql injection

A security flaw has been discovered in code-projects Simple Banking System 1.0. This issue affects some unknown processing of the file /createuser.php. Performing manipulation of the argument Name results in sql injection. The attack may be initiated remotely. The exploit has been released to the...

CVE-2025-11357 code-projects Simple Banking System createuser.php sql injection

A security flaw has been discovered in code-projects Simple Banking System 1.0. This issue affects some unknown processing of the file /createuser.php. Performing manipulation of the argument Name results in sql injection. The attack may be initiated remotely. The exploit has been released to the...

CVE-2025-11354

CVE-2025-11354 affects code-projects Online Hotel Reservation System 1.0. A vulnerability in the /admin/addslideexec.php file allows manipulation of the image parameter to achieve unrestricted file upload. The attack can be performed remotely and exploits have been published. Public metrics indic...

CVE-2025-11353 code-projects Online Hotel Reservation System addgalleryexec.php unrestricted upload

A vulnerability was detected in code-projects Online Hotel Reservation System 1.0. This impacts an unknown function of the file /admin/addgalleryexec.php. Performing manipulation of the argument image results in unrestricted upload. The attack is possible to be carried out remotely. The exploit i...

CVE-2025-11353 code-projects Online Hotel Reservation System addgalleryexec.php unrestricted upload

A vulnerability was detected in code-projects Online Hotel Reservation System 1.0. This impacts an unknown function of the file /admin/addgalleryexec.php. Performing manipulation of the argument image results in unrestricted upload. The attack is possible to be carried out remotely. The exploit i...

CVE-2025-11352 code-projects Online Hotel Reservation System addexec.php unrestricted upload

A security vulnerability has been detected in code-projects Online Hotel Reservation System 1.0. This affects an unknown function of the file /admin/addexec.php. Such manipulation of the argument image leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclos...

CVE-2025-11351 code-projects Online Hotel Reservation System editpicexec.php unrestricted upload

A weakness has been identified in code-projects Online Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/editpicexec.php. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has...

CVE-2025-11351

The CVE-2025-11351 entry affects the code-projects Online Hotel Reservation System 1.0, with the flaw located in the /admin/editpicexec.php file where the image parameter can be manipulated to achieve unrestricted file upload. This root cause enables remote exploitation, and multiple connected so...

EUVD-2025-32611

A vulnerability was found in code-projects Student Crud Operation up to 3.3. This vulnerability affects the function moveuploadedfile of the file add.php of the component Add Student Page/Edit Student Page. Performing manipulation results in unrestricted upload. The attack can be initiated...

CVE-2025-11347

A vulnerability was found in code-projects Student Crud Operation up to 3.3. This vulnerability affects the function moveuploadedfile of the file add.php of the component Add Student Page/Edit Student Page. Performing manipulation results in unrestricted upload. The attack can be initiated...

CVE-2025-11347 code-projects Student Crud Operation Add Student Page/Edit Student add.php move_uploaded_file unrestricted upload

A vulnerability was found in code-projects Student Crud Operation up to 3.3. This vulnerability affects the function moveuploadedfile of the file add.php of the component Add Student Page/Edit Student Page. Performing manipulation results in unrestricted upload. The attack can be initiated...

CVE-2025-11347

CVE-2025-11347 affects code-projects Student Crud Operation up to 3.3, where the function move_uploaded_file in add.php allows unrestricted file upload. The vulnerability can be triggered remotely and the exploit has been publicized. Affected versions are stated as up to 3.3; sources suggest that...

Code-Projects Student Crud Operation 代码问题漏洞

Code-Projects Student Crud Operation is a Code-Projects open source student information system. A code issue vulnerability exists in Code-Projects Student Crud Operation version 3.3 and earlier, which stems from improper manipulation of the moveuploadedfile function in the file add.php, which can...

PT-2025-40957

Name of the Vulnerable Software and Affected Versions code-projects Student Crud Operation versions up to 3.3 Description A flaw exists in code-projects Student Crud Operation that allows for unrestricted file uploads. This is due to manipulation of the move uploaded file function within the...

CVE-2025-11342

A weakness has been identified in code-projects Online Course Registration 1.0. This impacts an unknown function of the file /admin/edit-course.php. Executing manipulation of the argument coursecode can lead to sql injection. The attack can be executed remotely. The exploit has been made availabl...

CVE-2025-11343

A security vulnerability has been detected in code-projects Student Crud Operation 3.3. Affected is an unknown function of the file delete.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly an...

CVE-2025-11343 code-projects Student Crud Operation delete.php sql injection

A security vulnerability has been detected in code-projects Student Crud Operation 3.3. Affected is an unknown function of the file delete.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly an...