CVE-2026-7133

The CVE-2026-7133 entry affects code-projects Online Lot Reservation System 1.0, specifically a vulnerability in /activity.php where manipulating the directory argument enables unrestricted upload. This can be triggered remotely and has publicly disclosed exploit details. The connected documents ...

CVE-2026-7132 code-projects Online Lot Reservation System download.php readfile path traversal

A vulnerability was found in code-projects Online Lot Reservation System up to 1.0. This affects the function readfile of the file /download.php. The manipulation of the argument File results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and cou...

CVE-2026-7132

CVE-2026-7132 affects code-projects Online Lot Reservation System (≤1.0). The vulnerability is in the readfile function of /download.php, where manipulation of the File argument enables path traversal. This can be exploited remotely; a public exploit is noted. CVSS data indicate network access wi...

CVE-2026-7132

A vulnerability was found in code-projects Online Lot Reservation System up to 1.0. This affects the function readfile of the file /download.php. The manipulation of the argument File results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and cou...

CVE-2026-7131 code-projects Online Lot Reservation System loginuser.php sql injection

A vulnerability has been found in code-projects Online Lot Reservation System up to 1.0. The impacted element is an unknown function of the file /loginuser.php. The manipulation of the argument email/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

CVE-2026-7131

The CVE-2026-7131 entry concerns code-projects Online Lot Reservation System (up to 1.0). The vulnerable component is an unknown function in /loginuser.php, where manipulation of the email/password parameters allows a SQL injection. The issue is exploitable remotely and, per the records, exploits...

CVE-2026-7131 code-projects Online Lot Reservation System loginuser.php sql injection

A vulnerability has been found in code-projects Online Lot Reservation System up to 1.0. The impacted element is an unknown function of the file /loginuser.php. The manipulation of the argument email/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

CVE-2026-7118

CVE-2026-7118 affects code-projects Employee Management System 1.0; the vulnerability targets the cancel.php function (370project/cancel.php) where manipulating the id/token parameter triggers a SQL injection. The CVSS metrics indicate a network-based, low-privilege, low-impact on confidentiality...

CVE-2026-7118 code-projects Employee Management System cancel.php sql injection

A security vulnerability has been detected in code-projects Employee Management System 1.0. The affected element is an unknown function of the file 370project/cancel.php. The manipulation of the argument id/token leads to sql injection. The attack is possible to be carried out remotely. The explo...

CVE-2026-7118 code-projects Employee Management System cancel.php sql injection

A security vulnerability has been detected in code-projects Employee Management System 1.0. The affected element is an unknown function of the file 370project/cancel.php. The manipulation of the argument id/token leads to sql injection. The attack is possible to be carried out remotely. The explo...

CVE-2026-7117 code-projects Employee Management System approve.php sql injection

A weakness has been identified in code-projects Employee Management System 1.0. Impacted is an unknown function of the file 370project/approve.php. Executing a manipulation of the argument id/token can lead to sql injection. The attack can be executed remotely. The exploit has been made available...

CVE-2026-7117

The CVE describes a SQL injection vulnerability in code-projects Employee Management System 1.0, specifically in the file 370project/approve.php. The weakness arises from manipulating the argument id/token, enabling remote exploitation. Public exploitation exists according to the entry. The conne...

CVE-2026-7116 code-projects Employee Management System mark.php cross site scripting

A security flaw has been discovered in code-projects Employee Management System 1.0. This issue affects some unknown processing of the file 370project/mark.php. Performing a manipulation results in cross site scripting. Remote exploitation of the attack is possible. The exploit has been released ...

CVE-2026-7116

CVE-2026-7116 affects code-projects Employee Management System 1.0, specifically the file 370project/mark.php. An input manipulation leads to cross-site scripting (XSS) with remote exploitation possible. Exploit appears publicly available. CVSS metrics indicate MEDIUM severity (up to 5.3 on CVSS4...

CVE-2026-7116

A security flaw has been discovered in code-projects Employee Management System 1.0. This issue affects some unknown processing of the file 370project/mark.php. Performing a manipulation results in cross site scripting. Remote exploitation of the attack is possible. The exploit has been released ...

CVE-2026-7115 code-projects Employee Management System delete.php sql injection

A vulnerability was identified in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file 370project/delete.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might ...

CVE-2026-7115

CVE-2026-7115 affects code-projects Employee Management System 1.0, with a vulnerability in the file 370project/delete.php. The issue arises from manipulating the argument ID, allowing SQL injection. Attacks may be launched remotely, and the exploit is publicly available. Current documents do not...

CVE-2026-7115 code-projects Employee Management System delete.php sql injection

A vulnerability was identified in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file 370project/delete.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might ...

CVE-2026-7109

A vulnerability was detected in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /item of the component API Endpoint. Performing a manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and...

CVE-2026-7114 code-projects Employee Management System edit.php sql injection

A vulnerability was determined in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilize...