Code-Projects Church Donation System 注入漏洞

Code-Projects Church Donation System is an open source church donation system by Code-Projects. An injection vulnerability exists in Code-Projects Church Donation System version 1.0, which stems from an SQL injection attack due to the incorrect operation of the parameter firstname in the file...

Code-Projects Food Ordering Review System 注入漏洞

Code-Projects Food Ordering Review System is a Code-Projects open source food ordering review system. An injection vulnerability exists in Code-Projects Food Ordering Review System version 1.0, which originates from a SQL injection due to misuse of the parameter fname in the file...

CVE-2025-7756

CVE-2025-7756 describes a cross-site request forgery in code-projects E-Commerce Site 1.0, affecting an unknown function. The flaw enables remote exploitation and the exploit has been disclosed publicly. Several connected sources consistently identify CSRF as the issue; no specific fix version or...

CVE-2025-7756 code-projects E-Commerce Site cross-site request forgery

A vulnerability classified as problematic has been found in code-projects E-Commerce Site 1.0. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used...

PT-2025-29973 · Unknown · Code-Projects E-Commerce Website

Name of the Vulnerable Software and Affected Versions: code-projects E-Commerce Site version 1.0 Description: A problematic issue exists in code-projects E-Commerce Site. The issue involves cross-site request forgery, potentially allowing remote attacks. The exploit for this issue has been public...

Code-Projects Online Ordering System 代码问题漏洞

Online Ordering System is an online ordering system. A file upload vulnerability exists in Online Ordering System that stems from a lack of valid validation of uploaded files by the parameter image in the file /admin/editproduct.php. No details of the vulnerability are available at this time...

PT-2025-29945 · Code Projects · Online Appointment Booking System

Name of the Vulnerable Software and Affected Versions: code-projects Online Appointment Booking System version 1.0 Description: A critical vulnerability has been identified in code-projects Online Appointment Booking System 1.0. The issue affects unknown processing of the file...

PT-2025-29964 · Code Projects · Online Appointment Booking System

Name of the Vulnerable Software and Affected Versions: code-projects Online Appointment Booking System version 1.0 Description: A critical vulnerability exists in code-projects Online Appointment Booking System. The issue involves a SQL injection vulnerability in an unknown function of the...

CVE-2025-7595

A vulnerability was found in code-projects Job Diary 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view-cad.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

CVE-2025-7593

A vulnerability was found in code-projects Job Diary 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view-all.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to t...

CVE-2025-7612 code-projects Mobile Shop login.php sql injection

A vulnerability was found in code-projects Mobile Shop 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

CVE-2025-7612 code-projects Mobile Shop login.php sql injection

A vulnerability was found in code-projects Mobile Shop 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

CVE-2025-7609

A vulnerability has been found in code-projects Simple Shopping Cart 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /register.php. The manipulation of the argument ruseremail leads to sql injection. The attack can be launched remotely. The...

CVE-2025-7606

CVE-2025-7606 affects AVL Rooms 1.0, with a SQL injection in /city.php triggered by the city parameter. The vulnerability is exploitable remotely and publicly disclosed, prompting immediate attention. Reported by multiple sources (NVD, Red Hat, CVE List) across tooling ecosystems. Root cause cent...

CVE-2025-7606 code-projects AVL Rooms city.php sql injection

A vulnerability classified as critical has been found in code-projects AVL Rooms 1.0. This affects an unknown part of the file /city.php. The manipulation of the argument city leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

CVE-2025-7606 code-projects AVL Rooms city.php sql injection

A vulnerability classified as critical has been found in code-projects AVL Rooms 1.0. This affects an unknown part of the file /city.php. The manipulation of the argument city leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

CVE-2025-7605

CVE-2025-7605 affects AVL Rooms 1.0 by Code-Projects. The vulnerability is an SQL injection in /profile.php via the first_name parameter, exploitable remotely. Exploit has been publicly disclosed. Affects unknown functionality; exploitability and impact are described as high in CVSS notes across ...

CVE-2025-7605 code-projects AVL Rooms profile.php sql injection

A vulnerability was found in code-projects AVL Rooms 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /profile.php. The manipulation of the argument firstname leads to sql injection. The attack may be launched remotely. The exploit has been...

CVE-2025-7594

CVE-2025-7594 affects code-projects Job Diary 1.0. The vulnerability is a SQL injection in the /view-emp.php file, caused by unsafely using the idle parameter ID without validation, enabling remote exploitation. Public disclosures indicate an attacker can run arbitrary SQL, with potential data ac...

CVE-2025-7593 code-projects Job Diary view-all.php sql injection

A vulnerability was found in code-projects Job Diary 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view-all.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to t...