Code-Projects Simple Leave Manager SQL注入漏洞

Code-Projects Simple Leave Manager is an open source leave management system from Code-Projects. A SQL injection vulnerability exists in Code-Projects Simple Leave Manager version 1.0, which stems from incorrect manipulation of the parameter staffid in the file /request.php, which could lead to a...

Code-Projects Simple Shopping Cart 安全漏洞

Simple Shopping Cart is a simple shopping cart system. Simple Shopping Cart suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter adminusername in the file /adminlogin.php. An attacker can exploit this...

Code-Projects Online Ordering System 安全漏洞

Online Ordering System is an online ordering system. Online Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter productid in the file /userschool.php. An attacker can exploit this...

Code-Projects Simple Shopping Cart SQL注入漏洞

Simple Shopping Cart is a simple shopping cart system. Simple Shopping Cart suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter userid in the file /Customers/settings.php. An attacker can exploit this...

code-projects Online Ordering System 安全漏洞

Online Ordering System is an online ordering system. The Online Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Username in the file /admin/. An attacker can exploit this vulnerability t...

Code-Projects Currency Exchange System SQL注入漏洞

Code-Projects Currency Exchange System is a Code-Projects open source currency exchange system. A SQL injection vulnerability exists in Code-Projects Currency Exchange System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /viewserial.php, which could lead to ...

Code-Projects Online Ordering System 安全漏洞

Online Ordering System is an online ordering system. The Online Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Name in the file /usercontact.php. The vulnerability can be exploited by a...

CVE-2025-14205 code-projects Chamber of Commerce Membership Management System Your Info membership_profile.php cross site scripting

A vulnerability was found in code-projects Chamber of Commerce Membership Management System 1.0. Impacted is an unknown function of the file /membershipprofile.php of the component Your Info Handler. Performing manipulation of the argument Full Name/Address/City/State results in cross site...

CVE-2025-14203

A flaw has been found in code-projects Question Paper Generator up to 1.0. This vulnerability affects unknown code of the file /selectquestionuser.php. This manipulation of the argument subid causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and m...

CVE-2025-14203 code-projects Question Paper Generator selectquestionuser.php sql injection

A flaw has been found in code-projects Question Paper Generator up to 1.0. This vulnerability affects unknown code of the file /selectquestionuser.php. This manipulation of the argument subid causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and m...

CVE-2025-14203 code-projects Question Paper Generator selectquestionuser.php sql injection

A flaw has been found in code-projects Question Paper Generator up to 1.0. This vulnerability affects unknown code of the file /selectquestionuser.php. This manipulation of the argument subid causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and m...

CVE-2025-14203

CVE-2025-14203 affects Code-Projects Question Paper Generator up to version 1.0, with the vulnerability residing in the file /selectquestionuser.php. The root cause is improper handling/manipulation of the subid parameter, enabling SQL injection. This flaw allows remote exploitation, and an explo...

EUVD-2025-201604

A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/addfilequery.php. The manipulation of the argument perfile results in unrestricted upload. The attack may be launched remotely. The exploit has been...

CVE-2025-14195

A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/addfilequery.php. The manipulation of the argument perfile results in unrestricted upload. The attack may be launched remotely. The exploit has been...

CVE-2025-14195

A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/addfilequery.php. The manipulation of the argument perfile results in unrestricted upload. The attack may be launched remotely. The exploit has been...

CVE-2025-14195 code-projects Employee Profile Management System add_file_query.php unrestricted upload

A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/addfilequery.php. The manipulation of the argument perfile results in unrestricted upload. The attack may be launched remotely. The exploit has been...

CVE-2025-14195

CVE-2025-14195 affects code-projects Employee Profile Management System 1.0. The vulnerability is tied to the per_file parameter in /profiling/add_file_query.php, where improper validation allows unrestricted file upload. This could enable remote attackers to upload arbitrary files. The exploit i...

CVE-2025-14194 code-projects Employee Profile Management System view_personnel.php cross site scripting

A vulnerability was identified in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file /viewpersonnel.php. The manipulation of the argument peraddress/drschool/otherschool leads to cross site scripting. The attack may be initiated remotely...

PT-2025-49408

A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/add file query.php. The manipulation of the argument per file results in unrestricted upload. The attack may be launched remotely. The exploit has be...

Code-Projects Employee Profile Management System 代码问题漏洞

Employee Profile Management System is an employee profile management system. Employee Profile Management System has a code issue vulnerability that stems from the lack of valid validation of uploaded files by the parameter perfile in the file /profiling/addfilequery.php. No details of the...