CVE-2025-7180 code-projects Staff Audit System login.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument User leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-6884

CVE-2025-6884 affects code-projects Staff Audit System 1.0. The vulnerability lies in the /search_index.php file, where unvalidated input in the Search parameter enables SQL injection. Reported as remote and exploitable, with public disclosure noted in multiple sources; impact is data confidentia...

CVE-2025-6884 code-projects Staff Audit System search_index.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /searchindex.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The exploit has...

CVE-2025-6883

Staff Audit System 1.0 contains a SQL injection vulnerability in /update_index.php via the updateid parameter. Root cause: unsanitized SQL statements from externally provided updateid. Impact: remote attacker can execute arbitrary SQL, potentially stealing data. Exploitation is publicly disclosed...