CVE-2025-7124 code-projects Online Note Sharing Profile Image userprofile.php unrestricted upload

A vulnerability classified as critical has been found in code-projects Online Note Sharing 1.0. Affected is an unknown function of the file /dashboard/userprofile.php of the component Profile Image Handler. The manipulation of the argument image leads to unrestricted upload. It is possible to...

PT-2025-28159 · Unknown · Code-Projects Online Note Sharing

Name of the Vulnerable Software and Affected Versions: code-projects Online Note Sharing version 1.0 Description: A critical issue has been discovered, affecting an unknown function of the file /dashboard/userprofile.php of the component Profile Image Handler. The manipulation of the image argume...

CVE-2025-6840

A vulnerability, which was classified as critical, was found in code-projects Product Inventory System 1.0. This affects an unknown part of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely...

CVE-2025-6836

A vulnerability classified as critical has been found in code-projects Library System 1.0. Affected is an unknown function of the file /profile.php. The manipulation of the argument phone leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVE-2025-6835

A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student-issue-book.php. The manipulation of the argument reg leads to sql injection. The attack may be initiated remotely. The exploit has been...

PT-2025-27490 · Unknown · Code-Projects Simple Pizza Ordering System

Name of the Vulnerable Software and Affected Versions: code-projects Simple Pizza Ordering System version 1.0 Description: A critical issue was found in the code-projects Simple Pizza Ordering System. The manipulation of the ID argument leads to SQL injection in the /large.php file. This issue ca...

PT-2025-27502 · Unknown · Code-Projects Simple Pizza Ordering System

Name of the Vulnerable Software and Affected Versions: code-projects Simple Pizza Ordering System version 1.0 Description: A critical issue affects the processing of the file /editcus.php. The manipulation of the ID argument leads to SQL injection. The attack can be initiated remotely. The exploi...

CVE-2025-6828

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /orders.php. The manipulation of the argument i leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-6823

A vulnerability was found in code-projects Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /phpaction/editProduct.php. The manipulation of the argument editProductName leads to sql injection. The attack may be initiated...

CVE-2025-6822

A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /phpaction/removeProduct.php. The manipulation of the argument productId leads to sql injection. The attack can be initiated remotely...

CVE-2025-6821

A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /phpaction/createOrder.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-6917 code-projects Online Hotel Booking registration.php sql injection

A vulnerability has been found in code-projects Online Hotel Booking 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/registration.php. The manipulation of the argument uname leads to sql injection. The attack can be initiated remotely. The exploit has be...

CVE-2025-6902

CVE-2025-6902 affects code-projects Inventory Management System 1.0, specifically the /php_action/editUser.php endpoint where the edituserName parameter enables SQL injection. The vulnerability allows remote exploitation and was disclosed publicly. Multiple sources corroborate an SQL injection or...

CVE-2025-6901

The CVE-2025-6901 entry refers to code-projects Inventory Management System 1.0 with a SQL injection in the userid parameter of the /php_action/removeUser.php endpoint. The vulnerability is remote-exploitable and has publicly disclosed exploits. Connected sources consistently identify the affecte...

CVE-2025-6900

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-book.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclos...

CVE-2025-6900

The CVE-2025-6900 entry affects code-projects Library System 1.0, with the flaw located in /add-book.php where the image parameter allows unrestricted file uploads. This remote, publicly disclosed vulnerability could enable attackers to upload arbitrary files. Several sources (NVD, Red Hat, CNNVD...

CVE-2025-6900 code-projects Library System add-book.php unrestricted upload

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-book.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclos...

CVE-2025-6900 code-projects Library System add-book.php unrestricted upload

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-book.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclos...

CVE-2025-6891

CVE-2025-6891 affects code-projects Inventory Management System 1.0. The vulnerability is a SQL injection driven by manipulating the Username argument in an unknown function within /php_action/createUser.php, and it can be exploited remotely. The exploitation is disclosed publicly in the provided...

CVE-2025-6883

A vulnerability classified as critical was found in code-projects Staff Audit System 1.0. This vulnerability affects unknown code of the file /updateindex.php. The manipulation of the argument updateid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to...