CVE-2025-7509

Summary: CVE-2025-7509 affects code-projects Modern Bag 1.0. The vulnerability is in the file /admin/slide.php, where the idSlide parameter is manipulated to cause a SQL injection. This allows remote initiation and, per the description, the exploit has been disclosed publicly. Several connected s...

Code-Projects Online Appointment Booking System 注入漏洞

Code-Projects Online Appointment Booking System is a Code-Projects open source online appointment booking system. Code-Projects Online Appointment Booking System version 1.0 suffers from an injection vulnerability, which originates from SQL injection due to incorrect operation of the parameter...

Code-Projects Modern Bag 注入漏洞

Code-Projects Modern Bag is an online management system from Code-Projects open source. An injection vulnerability exists in Code-Projects Modern Bag version 1.0, which originates from SQL injection due to incorrect manipulation of the parameter idSlide in the file /admin/slide.php...

PT-2025-29358 · Code Projects · Online Appointment Booking System

Name of the Vulnerable Software and Affected Versions: code-projects Online Appointment Booking System version 1.0 Description: A critical issue exists in code-projects Online Appointment Booking System 1.0. The vulnerability is located in an unknown part of the /ulocateus.php file. Manipulation ...

PT-2025-29354 · Unknown · Code-Projects Chat System

Name of the Vulnerable Software and Affected Versions: code-projects Chat System version 1.0 Description: A critical issue exists in the processing of the /user/update account.php file. Manipulation of the musername argument can lead to SQL injection. The attack can be initiated remotely. The...

PT-2025-29385 · Code Projects · Online Appointment Booking System

Name of the Vulnerable Software and Affected Versions: code-projects Online Appointment Booking System version 1.0 Description: A critical vulnerability exists in code-projects Online Appointment Booking System 1.0. The issue involves a SQL injection vulnerability in an unknown function within th...

CVE-2025-7508 code-projects Modern Bag product-update.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Modern Bag 1.0. Affected by this issue is some unknown functionality of the file /admin/product-update.php. The manipulation of the argument idProduct leads to sql injection. The attack may be launched remotely. Th...

CVE-2025-7508 code-projects Modern Bag product-update.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Modern Bag 1.0. Affected by this issue is some unknown functionality of the file /admin/product-update.php. The manipulation of the argument idProduct leads to sql injection. The attack may be launched remotely. Th...

CVE-2025-7508

The CVE-2025-7508 entry concerns code-projects Modern Bag 1.0, with a SQL injection in /admin/product-update.php arising from unsanitized manipulation of idProduct. A remote attacker could exploit this, and public exploits have been disclosed. Multiple connected sources corroborate the presence o...

CVE-2025-7478

A vulnerability, which was classified as critical, was found in code-projects Modern Bag 1.0. Affected is an unknown function of the file /admin/category-list.php. The manipulation of the argument idCate leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-7478 code-projects Modern Bag category-list.php sql injection

A vulnerability, which was classified as critical, was found in code-projects Modern Bag 1.0. Affected is an unknown function of the file /admin/category-list.php. The manipulation of the argument idCate leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-7478 code-projects Modern Bag category-list.php sql injection

A vulnerability, which was classified as critical, was found in code-projects Modern Bag 1.0. Affected is an unknown function of the file /admin/category-list.php. The manipulation of the argument idCate leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-7476 code-projects Simple Car Rental System approve.php sql injection

A vulnerability classified as critical was found in code-projects Simple Car Rental System 1.0. This vulnerability affects unknown code of the file /admin/approve.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed ...

CVE-2025-7474

A vulnerability was found in code-projects Job Diary 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search.php. The manipulation of the argument Search leads to sql injection. The attack may be launched remotely. The exploit has been disclose...

CVE-2025-7471

A vulnerability was found in code-projects Modern Bag 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/login-back.php. The manipulation of the argument user-name leads to sql injection. The attack can be launched remotely. The...

CVE-2025-7474 code-projects Job Diary search.php sql injection

A vulnerability was found in code-projects Job Diary 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search.php. The manipulation of the argument Search leads to sql injection. The attack may be launched remotely. The exploit has been disclose...

CVE-2025-7471

Summary: CVE-2025-7471 affects code-projects Modern Bag 1.0. Affected component: /admin/login-back.php. Root cause: input manipulation of the parameter user-name enables SQL injection. Impact: remote exploitation with potential data theft; exploitation publicly disclosed. Evidence from connected ...

CVE-2025-7467

CVE-2025-7467 affects code-projects Modern Bag 1.0. The vulnerability is in the file /product-detail.php where the ID parameter can be manipulated to perform SQL injection. This allows remote initiation of an attack, and the exploit has been disclosed publicly. Connected sources corroborate an SQ...

CVE-2025-7461 code-projects Modern Bag action.php sql injection

A vulnerability was found in code-projects Modern Bag 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /action.php. The manipulation of the argument proId leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to...

CVE-2025-7461 code-projects Modern Bag action.php sql injection

A vulnerability was found in code-projects Modern Bag 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /action.php. The manipulation of the argument proId leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to...