PT-2025-27335 · Unknown · Code-Projects Library System

Name of the Vulnerable Software and Affected Versions: code-projects Library System version 1.0 Description: A critical issue affects the processing of the file "/student-issue-book.php". The manipulation of the reg argument leads to SQL injection. The attack may be initiated remotely...

PT-2025-27345 · Unknown · Code-Projects Simple Forum

Name of the Vulnerable Software and Affected Versions: code-projects Simple Forum version 1.0 Description: A critical vulnerability was found in the code-projects Simple Forum. The issue affects an unknown functionality of the file /signin.php. The manipulation of the User argument leads to SQL...

PT-2025-27375 · Code Projects · Code-Projects Simple Forum

Name of the Vulnerable Software and Affected Versions: code-projects Simple Forum version 1.0 Description: A critical issue has been discovered, affecting the /forum downloadfile.php file. The manipulation of the filename argument leads to path traversal. This issue can be initiated remotely...

PT-2025-27351 · Code Projects · Code-Projects Simple Forum

Name of the Vulnerable Software and Affected Versions: code-projects Simple Forum version 1.0 Description: A critical issue has been found in the processing of the file /forum1.php, allowing unrestricted upload through the manipulation of the File argument. This can be initiated remotely. The...

PT-2025-27336 · Unknown · Code-Projects Library System

Name of the Vulnerable Software and Affected Versions: code-projects Library System version 1.0 Description: A critical vulnerability has been found in the code-projects Library System. The issue affects an unknown function of the file /profile.php. The manipulation of the phone argument leads to...

PT-2025-27352 · Unknown · Code-Projects Simple Forum

Name of the Vulnerable Software and Affected Versions: code-projects Simple Forum version 1.0 Description: A problem was found in an unknown function of the file /forum edit1.php. The manipulation of the argument text leads to cross site scripting. It is possible to launch the attack remotely. Th...

CVE-2025-6834 code-projects Inventory Management System editPayment.php sql injection

A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /phpaction/editPayment.php. The manipulation of the argument orderId leads to sql injection. The attack can be initiated remotely. The...

CVE-2025-6828

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /orders.php. The manipulation of the argument i leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-6828

CVE-2025-6828 affects code-projects Inventory Management System 1.0, with SQL injection in /orders.php via the i parameter. Root cause: unsafely handled input in orders.php allows remote attacker to manipulate SQL statements. Multiple sources (NVD, RH) describe it as critical with remote, unauthe...

CVE-2025-6827

The CVE-2025-6827 entry pertains to code-projects Inventory Management System 1.0. The vulnerability is in /php_action/editOrder.php and is caused by insufficient input filtering, leading to a SQL injection. Impact is described as remote, with high/critical potential across confidentiality, integ...

CVE-2025-6827 code-projects Inventory Management System editOrder.php sql injection

A vulnerability, which was classified as critical, was found in code-projects Inventory Management System 1.0. This affects an unknown part of the file /phpaction/editOrder.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...

CVE-2025-6826 code-projects Payroll Management System ajax.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Payroll Management System 1.0. Affected by this issue is some unknown functionality of the file /PayrollManagementSystem/ajax.php?action=savedepartment. The manipulation of the argument ID leads to sql injection. T...

CVE-2025-6826

The CVE-2025-6826 entry concerns code-projects Payroll Management System 1.0 where the vulnerability resides in /Payroll_Management_System/ajax.php?action=save_department. The root cause is an SQL injection caused by manipulation of the ID parameter, enabling remote exploitation. Public disclosur...

CVE-2025-6823 code-projects Inventory Management System editProduct.php sql injection

A vulnerability was found in code-projects Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /phpaction/editProduct.php. The manipulation of the argument editProductName leads to sql injection. The attack may be initiated...

CVE-2025-6823

CVE-2025-6823 affects code-projects Inventory Management System 1.0. The vulnerability arises from improper handling of the editProductName parameter in /php_action/editProduct.php, enabling SQL injection. Exploitation is described as remote and the exploit has been disclosed publicly. Connected ...

CVE-2025-6822 code-projects Inventory Management System removeProduct.php sql injection

A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /phpaction/removeProduct.php. The manipulation of the argument productId leads to sql injection. The attack can be initiated remotely...

CVE-2025-6821 code-projects Inventory Management System createOrder.php sql injection

A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /phpaction/createOrder.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-6821

Code-projects Inventory Management System 1.0 contains a SQL injection in /php_action/createOrder.php due to insufficient input filtering. The vulnerability allows remote exploitation and is publicly disclosed; multiple sources corroborate manipulation of the database and potential data exposure....

CVE-2025-6820 code-projects Inventory Management System createProduct.php sql injection

A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /phpaction/createProduct.php. The manipulation of the argument productName leads to sql injection. The attack may be launched...

CVE-2025-6820

CVE-2025-6820 affects code-projects Inventory Management System 1.0, specifically the file /php_action/createProduct.php where the productName parameter can be manipulated to trigger SQL injection. The issue is exploitable remotely, and public exploitation has been disclosed. Concrete remediation...