PT-2025-29430 · Code Projects · Voting System

Name of the Vulnerable Software and Affected Versions: code-projects Voting System version 1.0 Description: A critical issue exists in code-projects Voting System 1.0. The vulnerability affects an unknown functionality within the /admin/positions row.php file. Manipulation of the ID argument...

Code-Projects Wedding Reservation 注入漏洞

Code-Projects Wedding Reservation is an open source wedding reservation system from Code-Projects. An injection vulnerability exists in Code-Projects Wedding Reservation version 1.0, which originates from a SQL injection due to a mishandling of the parameter lu in the file /global.php...

PT-2025-29448 · Code Projects · Job Diary

Name of the Vulnerable Software and Affected Versions: code-projects Job Diary version 1.0 Description: A critical issue exists in code-projects Job Diary 1.0, affecting an unknown functionality within the /view-all.php file. Manipulation of the ID argument results in a SQL injection. The attack...

CVE-2025-7541 code-projects Online Appointment Booking System get_town.php sql injection

A vulnerability has been found in code-projects Online Appointment Booking System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /gettown.php. The manipulation of the argument countryid leads to sql injection. The attack can be launched...

CVE-2025-7533

A vulnerability was found in code-projects Job Diary 1.0 and classified as critical. This issue affects some unknown processing of the file /view-details.php. The manipulation of the argument jobid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2025-7533 code-projects Job Diary view-details.php sql injection

A vulnerability was found in code-projects Job Diary 1.0 and classified as critical. This issue affects some unknown processing of the file /view-details.php. The manipulation of the argument jobid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2025-7533

CVE-2025-7533 affects code-projects Job Diary 1.0. The vulnerability is a SQL injection in /view-details.php caused by unsafely handling the job_id parameter, with remote exploitation and a publicly disclosed exploit. Various sources corroborate the issue; PT Security notes there is no informatio...

CVE-2025-7517 code-projects Online Appointment Booking System getDay.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Online Appointment Booking System 1.0. This issue affects some unknown processing of the file /getDay.php. The manipulation of the argument cidval leads to sql injection. The attack may be initiated remotely. The...

CVE-2025-7517

CVE-2025-7517 affects code-projects Online Appointment Booking System 1.0. The vulnerability is a SQL injection in the file /getDay.php triggered by manipulating the cidval parameter. The issue is exploitable remotely and exploits have been publicly disclosed. Multiple connected sources confirm t...

CVE-2025-7514 code-projects Modern Bag contact-list.php sql injection

A vulnerability was found in code-projects Modern Bag 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/contact-list.php. The manipulation of the argument idStatus leads to sql injection. The attack may be launched remotely. The exploit ha...

CVE-2025-7513 code-projects Modern Bag slideupdate.php sql injection

A vulnerability was found in code-projects Modern Bag 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/slideupdate.php. The manipulation of the argument idSlide leads to sql injection. The attack can be launched remotely. The...

CVE-2025-7513

CVE-2025-7513 affects code-projects Modern Bag 1.0. The vulnerability is in the file /admin/slideupdate.php where manipulating the idSlide parameter allows SQL injection. Multiple sources (CNVD, CNNVD, Red Hat, NVD, CVE listings) confirm remote exploitation with publicly disclosed exploit informa...

CVE-2025-7512 code-projects Modern Bag contact-back.php sql injection

A vulnerability was found in code-projects Modern Bag 1.0. It has been classified as critical. Affected is an unknown function of the file /contact-back.php. The manipulation of the argument contact-name leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-7512 code-projects Modern Bag contact-back.php sql injection

A vulnerability was found in code-projects Modern Bag 1.0. It has been classified as critical. Affected is an unknown function of the file /contact-back.php. The manipulation of the argument contact-name leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-7511 code-projects Chat System update_account.php sql injection

A vulnerability was found in code-projects Chat System 1.0 and classified as critical. This issue affects some unknown processing of the file /user/updateaccount.php. The manipulation of the argument musername leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-7511 code-projects Chat System update_account.php sql injection

A vulnerability was found in code-projects Chat System 1.0 and classified as critical. This issue affects some unknown processing of the file /user/updateaccount.php. The manipulation of the argument musername leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-7511

CVE-2025-7511 affects code-projects Chat System 1.0. The vulnerability is a SQL injection in the handling of the musername parameter in the file /user/update_account.php, enabling remote exploitation. Multiple connected sources confirm the issue and state that the exploit has been publicly disclo...

CVE-2025-7509

A vulnerability, which was classified as critical, was found in code-projects Modern Bag 1.0. This affects an unknown part of the file /admin/slide.php. The manipulation of the argument idSlide leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed ...

CVE-2025-7510 code-projects Modern Bag productadd_back.php sql injection

A vulnerability has been found in code-projects Modern Bag 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/productaddback.php. The manipulation of the argument namepro leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-7509 code-projects Modern Bag slide.php sql injection

A vulnerability, which was classified as critical, was found in code-projects Modern Bag 1.0. This affects an unknown part of the file /admin/slide.php. The manipulation of the argument idSlide leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed ...