PT-2025-47077

Name of the Vulnerable Software and Affected Versions code-projects Student Information System version 2.0 Description A flaw exists in code-projects Student Information System version 2.0 related to the processing of the /register.php file. This can be exploited remotely to perform SQL injection...

Code-Projects Student Information System SQL注入漏洞

Student Information System is a student information system. Student Information System is vulnerable to a SQL injection vulnerability that originates from a lack of security filtering of the Username parameter in the /index.php file. No details of the vulnerability are available at this time...

CVE-2025-13201 code-projects Simple Cafe Ordering System login.php sql injection

A vulnerability was identified in code-projects Simple Cafe Ordering System 1.0. Affected by this issue is some unknown functionality of the file /login.php. Such manipulation of the argument Username leads to sql injection. The attack may be performed from remote. The exploit is publicly availab...

CVE-2025-13201

The CVE-2025-13201 entry concerns Code-projects’ Simple Cafe Ordering System 1.0. A SQL injection vulnerability exists in the login.php file, arising from improper handling of the Username parameter. The issue can be exploited remotely, and an exploit is publicly available. Affected component: lo...

CVE-2025-13199 code-projects Email Logging Interface signup.cpp path traversal

A vulnerability was found in code-projects Email Logging Interface 2.0. Affected is an unknown function of the file signup.cpp. The manipulation of the argument Username results in path traversal: '../filedir'. The attack is only possible with local access. The exploit has been made public and...

CVE-2025-13199 code-projects Email Logging Interface signup.cpp path traversal

A vulnerability was found in code-projects Email Logging Interface 2.0. Affected is an unknown function of the file signup.cpp. The manipulation of the argument Username results in path traversal: '../filedir'. The attack is only possible with local access. The exploit has been made public and...

Code-Projects Simple Cafe Ordering System SQL注入漏洞

Simple Cafe Ordering System is a simple coffee ordering system. The Simple Cafe Ordering System suffers from a SQL injection vulnerability that originates from the /login.php file not securely filtering the Username parameter. An attacker can exploit this vulnerability to remotely obtain sensitiv...

CVE-2025-13170

CVE-2025-13170 concerns the Simple Online Hotel Reservation System 1.0. The vulnerability is an SQL injection in the admin/account editing flow, triggered by manipulating the parameter admin_id in /admin/edit_account.php. Multiple connected sources confirm remote exploitation possibilities and th...

CVE-2025-13170 code-projects Simple Online Hotel Reservation System edit_account.php sql injection

A vulnerability was detected in code-projects Simple Online Hotel Reservation System 1.0. This issue affects some unknown processing of the file /admin/editaccount.php. Performing a manipulation of the argument adminid results in sql injection. The attack is possible to be carried out remotely. T...

CVE-2025-13169

CVE-2025-13169 affects the Simple Online Hotel Reservation System 1.0. The vulnerability is an SQL injection in the file /add_query_reserve.php caused by unsafely handling the room_id parameter, allowing remote exploitation. Public disclosures exist, and multiple sources (CNVD, RH, CNNVD, NVD, CV...

CVE-2025-13169 code-projects Simple Online Hotel Reservation System add_query_reserve.php sql injection

A security vulnerability has been detected in code-projects Simple Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /addqueryreserve.php. Such manipulation of the argument roomid leads to sql injection. The attack can be executed remotely. The exploit has...

Code-Projects Simple Online Hotel Reservation System SQL注入漏洞

Simple Online Hotel Reservation System is a simple online hotel reservation system. The Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the /admin/editaccount.php file that does not securely filter the adminid parameter. An attacker can explo...

CVE-2025-13076

A flaw has been found in code-projects Responsive Hotel Site 1.0. The affected element is an unknown function of the file /admin/usersetting.php. Executing manipulation of the argument usname can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be...

CVE-2025-13076

A flaw has been found in code-projects Responsive Hotel Site 1.0. The affected element is an unknown function of the file /admin/usersetting.php. Executing manipulation of the argument usname can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be...

CVE-2025-13075

A vulnerability was detected in code-projects Responsive Hotel Site 1.0. Impacted is an unknown function of the file /admin/usersettingdel.php. Performing manipulation of the argument eid results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be...

CVE-2025-13076

The CVE-2025-13076 affects code-projects Responsive Hotel Site 1.0, specifically the /admin/usersetting.php file where manipulation of the usname parameter enables SQL injection. Multiple connected sources (NVD, CNVD, Red Hat, CVE lists, PTSecurity) confirm remote exploitation and that the exploi...

CVE-2025-13076 code-projects Responsive Hotel Site usersetting.php sql injection

A flaw has been found in code-projects Responsive Hotel Site 1.0. The affected element is an unknown function of the file /admin/usersetting.php. Executing manipulation of the argument usname can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be...

CVE-2025-13076 code-projects Responsive Hotel Site usersetting.php sql injection

A flaw has been found in code-projects Responsive Hotel Site 1.0. The affected element is an unknown function of the file /admin/usersetting.php. Executing manipulation of the argument usname can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be...

CVE-2025-13075 code-projects Responsive Hotel Site usersettingdel.php sql injection

A vulnerability was detected in code-projects Responsive Hotel Site 1.0. Impacted is an unknown function of the file /admin/usersettingdel.php. Performing manipulation of the argument eid results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be...

CVE-2025-13075

The CVE-2025-13075 affects code-projects Responsive Hotel Site 1.0, specifically the file /admin/usersettingdel.php where the eid parameter is manipulated. The vulnerability is a SQL injection arising from lack of input validation, enabling remote exploitation. Public exploits are noted. Several ...