CVE-2025-13578 code-projects Library System Login index.php sql injection

A vulnerability has been found in code-projects Library System 1.0. This affects an unknown function of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public...

CVE-2025-13578 code-projects Library System Login index.php sql injection

A vulnerability has been found in code-projects Library System 1.0. This affects an unknown function of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public...

CVE-2025-13576

A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...

CVE-2025-13575

A security vulnerability has been detected in code-projects Blog Site 1.0. Impacted is the function categoryexists of the file /resources/functions/blog.php of the component Category Handler. Such manipulation of the argument name/field leads to sql injection. The attack may be performed from...

CVE-2025-13576

Blog Site 1.0 is affected by CVE-2025-13576 due to improper authorization in the admin.php file. The vulnerability arises from an unclear/unknown function in /admin.php that can be manipulated to bypass authorization, enabling remote exploitation. Multiple endpoints are affected, and exploitation...

CVE-2025-13576 code-projects Blog Site admin.php improper authorization

A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...

CVE-2025-13576 code-projects Blog Site admin.php improper authorization

A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...

CVE-2025-13575 code-projects Blog Site Category blog.php category_exists sql injection

A security vulnerability has been detected in code-projects Blog Site 1.0. Impacted is the function categoryexists of the file /resources/functions/blog.php of the component Category Handler. Such manipulation of the argument name/field leads to sql injection. The attack may be performed from...

CVE-2025-13575 code-projects Blog Site Category blog.php category_exists sql injection

A security vulnerability has been detected in code-projects Blog Site 1.0. Impacted is the function categoryexists of the file /resources/functions/blog.php of the component Category Handler. Such manipulation of the argument name/field leads to sql injection. The attack may be performed from...

CVE-2025-13575

CVE-2025-13575 affects code-projects Blog Site 1.0. The vulnerability is in the function category_exists in /resources/functions/blog.php (Category Handler). The issue arises from manipulation of the argument name/field, enabling SQL injection. The attack can be performed remotely and the exploit...

CVE-2025-13574

A weakness has been identified in code-projects Online Bidding System 1.0. This issue affects the function categoryadd of the file /administrator/addcategory.php. This manipulation of the argument catimage causes unrestricted upload. The attack is possible to be carried out remotely. The exploit...

CVE-2025-13574

The CVE-2025-13574 issue affects Code-Projects Online Bidding System 1.0, specifically the function categoryadd in /administrator/addcategory.php. Manipulating the argument catimage enables unrestricted file uploads, allowing remote exploitation. Public exploits exist according to the description...

CVE-2025-13574 code-projects Online Bidding System addcategory.php categoryadd unrestricted upload

A weakness has been identified in code-projects Online Bidding System 1.0. This issue affects the function categoryadd of the file /administrator/addcategory.php. This manipulation of the argument catimage causes unrestricted upload. The attack is possible to be carried out remotely. The exploit...

CVE-2025-13574 code-projects Online Bidding System addcategory.php categoryadd unrestricted upload

A weakness has been identified in code-projects Online Bidding System 1.0. This issue affects the function categoryadd of the file /administrator/addcategory.php. This manipulation of the argument catimage causes unrestricted upload. The attack is possible to be carried out remotely. The exploit...

PT-2025-47878

A security flaw has been discovered in code-projects Jonnys Liquor 1.0. Affected by this issue is some unknown functionality of the file /detail.php of the component GET Parameter Handler. Performing manipulation of the argument Product results in sql injection. Remote exploitation of the attack ...

Code-Projects Blog Site 授权问题漏洞

Blog Site is a blogging system. Blog Site suffers from an improper authorization vulnerability that originates in the file /admin.php, which can be exploited by an attacker to compromise confidentiality, integrity, and availability...

PT-2025-47870

A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...

Code-Projects Question Paper Generator SQL注入漏洞

Code-Projects Question Paper Generator is an open source question paper generation software from Code-Projects. Code-Projects Question Paper Generator version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter Fname in the file /signupscript.php...

PT-2025-47882

Name of the Vulnerable Software and Affected Versions code-projects COVID Tracking System version 1.0 Description A flaw exists in the processing of the /login.php file within the software. Manipulation of the code argument can lead to SQL injection. This issue is remotely exploitable and an...

Code-Projects Online Bidding System 代码问题漏洞

Code-Projects Online Bidding System is a Code-Projects open source online bidding system. Code-Projects Online Bidding System version 1.0 has a code issue vulnerability, the vulnerability stems from the file /administrator/addcategory.php function categoryadd to the parameter catimage incorrect...