CVE-2024-25313

Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacherlogin.php...

PT-2024-20880 · Code Projects · Code-Projects Simple School Managment System

Name of the Vulnerable Software and Affected Versions: Code-projects Simple School Managment System version 1.0 Description: The issue allows SQL Injection via the id parameter at the "School/delete.php?id=5" endpoint. This means an attacker could potentially inject malicious SQL code by...

CVE-2024-25318

Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'pid' parameter in Hotel/admin/print.php?pid=2...

CVE-2024-25314

Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'sid' parameter in Hotel/admin/show.php?sid=2...

CVE-2024-25310

Code-projects Simple School Managment System 1.0 is affected by a SQL Injection in the endpoint School/delete.php?id=5. The vulnerability stems from unsanitized input in the id parameter, enabling arbitrary SQL execution with potential impact on confidentiality, integrity, and availability (CVSSv...

PT-2024-20881 · Code Projects · Code-Projects Simple School Managment System

Name of the Vulnerable Software and Affected Versions: Code-projects Simple School Managment System version 1.0 Description: The issue allows SQL Injection via the id parameter at the "School/sub delete.php?id=5" endpoint. This could potentially lead to unauthorized access or manipulation of...

PT-2024-20877 · Code Projects · Code-Projects Simple School Managment System

Name of the Vulnerable Software and Affected Versions: Code-projects Simple School Managment System version 1.0 Description: The issue allows SQL Injection via the name parameter at the "School/teacher login.php" endpoint. This could potentially lead to unauthorized access to sensitive data...

CVE-2024-25307

CVE-2024-25307 affects Code-projects Cinema Seat Reservation System 1.0: SQL Injection via the id parameter in /Cinema-Reservation/booking.php?id=1. Root cause is unsafe SQL construction that allows attacker-controlled input to influence queries, with reported CVSS v3.1 base metrics of 9.8 (CRITI...

CVE-2024-25318

Code-projects Hotel Managment System 1.0 is affected by CVE-2024-25318, where the pid parameter in Hotel/admin/print.php?pid=2 enables SQL injection. Root cause is unsafe handling/validation of the pid value, permitting attacker-crafted queries that could disclose or manipulate data. CVSS 3.1 bas...

CVE-2024-25315

CVE-2024-25315 affects Code-projects Hotel Managment System 1.0. The vulnerability is an SQL injection via the rid parameter in Hotel/admin/roombook.php?rid=2, arising from unsanitized input in that endpoint. CVSS v3.1 metrics show a CRITICAL impact (C:H, I:H, A:H) with NETWORK attack vector and ...

CVE-2024-25316

CVE-2024-25316 affects Code-projects Hotel Managment System 1.0. The vulnerability is an SQL Injection in the endpoint Hotel/admin/usersettingdel.php?eid=2, via the eid parameter. Affected component: the usersettingdel handling code under Hotel/admin. Impact is described as high/critical in CVSS ...

CVE-2024-25312

CVE-2024-25312 affects Code-projects Simple School Managment System 1.0. Affected component: the id parameter in the endpoint at School/sub_delete.php?id=5, where lack of input validation enables SQL Injection. This is documented across multiple sources (NVD/Red Hat/CNVD/CVE listing) and describe...

CVE-2024-25314

Code-projects Hotel Managment System 1.0 is affected by CVE-2024-25314. The vulnerability is a SQL Injection via the sid parameter in Hotel/admin/show.php?sid=2, impacting confidentiality, integrity, and availability (CVSS v3.1: 9.8). The available documents identify the affected component and th...

CVE-2024-25313

The CVE-2024-25313 entry concerns Code-projects Simple School Managment System 1.0 with an authentication bypass in School/teacher_login.php via the username and password parameters. Public documents consistently describe bypass of authentication (high impact: confidentiality, integrity, availabi...

CVE-2024-25308

CVE-2024-25308 concerns Code-projects Simple School Managment System 1.0, where an SQL injection flaw exists in the teacher_login.php endpoint via the name parameter. The CVSS metrics included with the entry indicate a high impact: base score 8.8 (Confidentiality, Integrity, Availability all High...

CVE-2024-25305

CVE-2024-25305 affects Code-projects Simple School Managment System 1.0. The issue is an authentication bypass via the username and password parameters on the School/index.php endpoint, enabling bypass of login to gain administrative access. The connected documents corroborate the vulnerability a...

CVE-2024-25304

The CVE-2024-25304 affects Code-projects Simple School Management System 1.0, where an SQL Injection flaw exists in the School/index.php entry point via the 'apass' parameter. The root cause is lack of input validation for this parameter, enabling attackers to manipulate queries and potentially a...

CVE-2024-25314

Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'sid' parameter in Hotel/admin/show.php?sid=2...

CVE-2024-25306

CVE-2024-25306 affects Code-projects Simple School Managment System 1.0. The vulnerability is a SQL injection via the aname parameter in School/index.php , caused by lack of input validation. Impact is described as high on confidentiality, integrity, and availability per CVSS 3.1 (AV:N/AC:L/PR:L/...

CVE-2024-0722

A vulnerability was found in code-projects Social Networking Site 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file message.php of the component Message Page. The manipulation of the argument Story leads to cross site scripting. The attack may be...