CVE-2026-1423

The CVE-2026-1423 entry concerns code-projects Online Examination System 1.0. Affected is the file /admin_pic.php, where a manipulation can lead to unrestricted file uploads via remote access. Multiple sources confirm an in-the-wild risk with publicly disclosed exploit details. The Red Hat, CIRCL...

CVE-2026-1421

A vulnerability has been found in code-projects Online Examination System 1.0. Affected is an unknown function of the component Add Pages. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may be used...

CVE-2026-1421 code-projects Online Examination System Add Pages cross site scripting

A vulnerability has been found in code-projects Online Examination System 1.0. Affected is an unknown function of the component Add Pages. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may be used...

CVE-2026-1421

CVE-2026-1421 affects code-projects Online Examination System 1.0, specifically the Add Pages component. The vulnerability is a cross-site scripting flaw that can be triggered remotely via the affected function, with exploitation publicly disclosed. Multiple connected sources corroborate the issu...

PT-2026-4815

A flaw has been found in code-projects Online Music Site 1.0. Affected by this issue is some unknown functionality of the file /Administrator/PHP/AdminDeleteUser.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published an...

PT-2026-4727

Name of the Vulnerable Software and Affected Versions code-projects Online Examination System version 1.0 Description A flaw exists in the Online Examination System that allows for remote SQL injection. This occurs through manipulation of the User argument within the /index.php file, specifically...

PT-2026-4724

Name of the Vulnerable Software and Affected Versions code-projects Online Examination System version 1.0 Description A flaw exists in the Add Pages component of the software, allowing for cross site scripting. This manipulation can be executed remotely. The exploit details have been publicly...

Code-Projects Police Station Management System Security Vulnerabilities

Code-Projects Police Station Management System is an open-source police station management system developed by Code-Projects. The Code-Projects Police Station Management System has a security vulnerability that can be exploited by absolute path traversal attacks, which may lead to the enumeration...

CVE-2026-0850

A vulnerability was determined in code-projects Intern Membership Management System 1.0. Impacted is an unknown function of the file /admin/deleteactivity.php. Executing a manipulation of the argument activityid can lead to sql injection. The attack may be launched remotely. The exploit has been...

CVE-2026-0852

A security flaw has been discovered in code-projects Online Music Site 1.0. The impacted element is an unknown function of the file /Administrator/PHP/AdminUpdateUser.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been...

CVE-2026-0852

A security flaw has been discovered in code-projects Online Music Site 1.0. The impacted element is an unknown function of the file /Administrator/PHP/AdminUpdateUser.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been...

CVE-2026-0852 code-projects Online Music Site AdminUpdateUser.php sql injection

A security flaw has been discovered in code-projects Online Music Site 1.0. The impacted element is an unknown function of the file /Administrator/PHP/AdminUpdateUser.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been...

CVE-2026-0852 code-projects Online Music Site AdminUpdateUser.php sql injection

A security flaw has been discovered in code-projects Online Music Site 1.0. The impacted element is an unknown function of the file /Administrator/PHP/AdminUpdateUser.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been...

CVE-2026-0852

CVE-2026-0852 affects code-projects Online Music Site 1.0. The vulnerability is a SQL injection in the unknown function of the file /Administrator/PHP/AdminUpdateUser.php, triggered by manipulation of the ID argument. The attack can be executed remotely and the exploit has been released publicly....

Code-Projects Online Music Site SQL注入漏洞

Code-Projects Online Music Site is a Code-Projects open source online music site. Code-Projects Online Music Site version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter txtusername in the file /Administrator/PHP/AdminAddUser.php, which could...

PT-2026-2042

Name of the Vulnerable Software and Affected Versions code-projects Online Music Site version 1.0 Description A security flaw exists in code-projects Online Music Site 1.0. The issue involves a SQL injection impacting an unknown function within the file /Administrator/PHP/AdminUpdateUser.php...

CVE-2026-0851 code-projects Online Music Site AdminAddUser.php sql injection

A vulnerability was identified in code-projects Online Music Site 1.0. The affected element is an unknown function of the file /Administrator/PHP/AdminAddUser.php. The manipulation of the argument txtusername leads to sql injection. Remote exploitation of the attack is possible. The exploit is...

CVE-2026-0851 code-projects Online Music Site AdminAddUser.php sql injection

A vulnerability was identified in code-projects Online Music Site 1.0. The affected element is an unknown function of the file /Administrator/PHP/AdminAddUser.php. The manipulation of the argument txtusername leads to sql injection. Remote exploitation of the attack is possible. The exploit is...

CVE-2026-0851

Code-projects Online Music Site 1.0 contains an SQL injection in /Administrator/PHP/AdminAddUser.php via the txtusername parameter. The vulnerability allows remote exploitation and is supported by a publicly available exploit. The issue is tied to an unknown function in AdminAddUser.php and is co...

CVE-2026-0850

A vulnerability was determined in code-projects Intern Membership Management System 1.0. Impacted is an unknown function of the file /admin/deleteactivity.php. Executing a manipulation of the argument activityid can lead to sql injection. The attack may be launched remotely. The exploit has been...