Code-Projects Intern Membership Management System SQL注入漏洞

Code-Projects Intern Membership Management System is a Code-Projects open source intern membership management system . Code-Projects Intern Membership Management System version 1.0 has a SQL injection vulnerability , the vulnerability stems from the wrong operation of the parameter adminid in the...

CVE-2026-0591

Code-projects Online Product Reservation System 1.0 contains a SQL injection vulnerability in the Cart Update Handler, specifically in the /app/checkout/update.php file’s unknown function. Manipulating the id/qty parameter can trigger the injection, enabling remote exploitation. Public exploit/Po...

CVE-2026-0585 code-projects Online Product Reservation System GET Parameter order_view.php sql injection

A security vulnerability has been detected in code-projects Online Product Reservation System 1.0. Impacted is an unknown function of the file /orderview.php of the component GET Parameter Handler. Such manipulation of the argument transactionid leads to sql injection. The attack can be executed...

CVE-2026-0585 code-projects Online Product Reservation System GET Parameter order_view.php sql injection

A security vulnerability has been detected in code-projects Online Product Reservation System 1.0. Impacted is an unknown function of the file /orderview.php of the component GET Parameter Handler. Such manipulation of the argument transactionid leads to sql injection. The attack can be executed...

CVE-2026-0583 code-projects Online Product Reservation System User Login login.php sql injection

A security flaw has been discovered in code-projects Online Product Reservation System 1.0. This vulnerability affects unknown code of the file app/user/login.php of the component User Login. The manipulation of the argument emailadd results in sql injection. The attack may be launched remotely...

PT-2026-1276

Name of the Vulnerable Software and Affected Versions code-projects Online Product Reservation System version 1.0 Description An issue exists in the Administration Backend component that allows for improper authentication. The issue is triggered by a manipulation of an unknown function. The explo...

Code-Projects Online Product Reservation System 授权问题漏洞

Code-Projects Online Product Reservation System is an open source online product reservation system from Code-Projects. An authorization issue vulnerability exists in Code-Projects Online Product Reservation System version 1.0, which originates from an attacker being able to remotely bypass...

PT-2026-1277

Name of the Vulnerable Software and Affected Versions code-projects Online Product Reservation System version 1.0 Description A flaw exists in the Online Product Reservation System that allows for remote manipulation. The issue stems from a SQL injection point within the POST Parameter Handler,...

Code-Projects Online Product Reservation System SQL注入漏洞

Code-Projects Online Product Reservation System is a Code-Projects open source online product reservation system. A SQL injection vulnerability exists in Code-Projects Online Product Reservation System version 1.0, which stems from incorrect manipulation of the parameter ID in the file...

Code-Projects Online Product Reservation System SQL注入漏洞

Code-Projects Online Product Reservation System is a Code-Projects open source online product reservation system. A SQL injection vulnerability exists in Code-Projects Online Product Reservation System version 1.0, which stems from an incorrect manipulation of the parameter transactionid in the...

CVE-2026-0577 code-projects Online Product Reservation System prod.php unrestricted upload

A flaw has been found in code-projects Online Product Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file /handgunner-administrator/prod.php. Executing a manipulation can lead to unrestricted upload. It is possible to launch the attack remotely. The...

PT-2026-1187

Name of the Vulnerable Software and Affected Versions code-projects Online Product Reservation System version 1.0 Description A flaw exists in code-projects Online Product Reservation System 1.0 that allows for unrestricted file upload via manipulation of an unknown functionality within the...

Code-Projects Online Appointment Booking System SQL注入漏洞

Online Appointment Booking System is an online appointment booking system. Online Appointment Booking System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter managername in the file /admin/deletemanager.ph...

CVE-2025-14833 code-projects Online Appointment Booking System deletemanagerclinic.php sql injection

A security flaw has been discovered in code-projects Online Appointment Booking System 1.0. The impacted element is an unknown function of the file /admin/deletemanagerclinic.php. Performing manipulation of the argument clinic results in sql injection. The attack can be initiated remotely. The...

CVE-2025-14646 code-projects Student File Management System delete_student.php sql injection

A security flaw has been discovered in code-projects Student File Management System 1.0. This impacts an unknown function of the file /admin/deletestudent.php. The manipulation of the argument studid results in sql injection. The attack may be performed from remote. The exploit has been released ...

CVE-2025-14646

The CVE-2025-14646 entry describes a SQL injection in code-projects Student File Management System 1.0, triggered by manipulating the stud_id parameter in /admin/delete_student.php. Connected documents (CNVD-2026-00828, RH:CVE-2025-14646, CNNVD-202512-2597, VULNRICHMENT/CVE-2025-14646, PT-2025-51...

CVE-2025-14641 code-projects Computer Laboratory System admin_pic.php unrestricted upload

A flaw has been found in code-projects Computer Laboratory System 1.0. This issue affects some unknown processing of the file admin/adminpic.php. This manipulation of the argument image causes unrestricted upload. The attack may be initiated remotely. The exploit has been published and may be use...

CVE-2025-14622

Code-projects Student File Management System 1.0 has a SQL injection vulnerability in /admin/save_user.php via the firstname parameter. The issue allows remote exploitation, and public exploits have been released. Multiple connected sources confirm the vulnerability but do not provide a confirmed...

CVE-2025-14249 code-projects Online Ordering System user_school.php sql injection

A security flaw has been discovered in code-projects Online Ordering System 1.0. The affected element is an unknown function of the file /userschool.php. The manipulation of the argument productid results in sql injection. The attack may be performed from remote. The exploit has been released to...

CVE-2025-14195

A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/addfilequery.php. The manipulation of the argument perfile results in unrestricted upload. The attack may be launched remotely. The exploit has been...