CVE-2025-11597 code-projects E-Commerce Website product_add_qty.php sql injection

A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/productaddqty.php. The manipulation of the argument prodid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly...

CVE-2025-11597

Summary: CVE-2025-11597 affects the code-projects E-Commerce Website 1.0. The vulnerability resides in the file /pages/product_add_qty.php, where the argument prod_id is not validated, leading to SQL injection. Multiple sources corroborate a remote-exploit scenario with publicly available exploit...

CVE-2025-11597 code-projects E-Commerce Website product_add_qty.php sql injection

A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/productaddqty.php. The manipulation of the argument prodid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly...

CVE-2025-11596

A vulnerability was determined in code-projects E-Commerce Website 1.0. The affected element is an unknown function of the file /pages/deleteorderdetails.php. Executing manipulation of the argument orderid can lead to sql injection. The attack can be executed remotely. The exploit has been public...

CVE-2025-11596 code-projects E-Commerce Website delete_order_details.php sql injection

A vulnerability was determined in code-projects E-Commerce Website 1.0. The affected element is an unknown function of the file /pages/deleteorderdetails.php. Executing manipulation of the argument orderid can lead to sql injection. The attack can be executed remotely. The exploit has been public...

CVE-2025-11596 code-projects E-Commerce Website delete_order_details.php sql injection

A vulnerability was determined in code-projects E-Commerce Website 1.0. The affected element is an unknown function of the file /pages/deleteorderdetails.php. Executing manipulation of the argument orderid can lead to sql injection. The attack can be executed remotely. The exploit has been public...

PT-2025-41685

Name of the Vulnerable Software and Affected Versions code-projects E-Commerce Website version 1.0 Description A flaw exists in code-projects E-Commerce Website 1.0 where manipulation of the prod id argument in the file /pages/product add qty.php can lead to SQL injection. This issue is potential...

CVE-2025-11558

A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/userindexsearch.php. Performing manipulation of the argument Search results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public a...

CVE-2025-11585 code-projects Project Monitoring System useredit.php sql injection

A vulnerability was found in code-projects Project Monitoring System 1.0. The impacted element is an unknown function of the file /useredit.php. The manipulation of the argument uid results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2025-11585

CVE-2025-11585 affects code-projects Project Monitoring System 1.0. The vulnerability is a SQL injection in the /useredit.php script caused by unsafely handling the uid parameter. Exploitation is remote and the exploit/public PoC has been reported in multiple sources (CNVD, RH, CNNVD, CVE referen...

CVE-2025-11584

The CVE-2025-11584 entry concerns code-projects Online Job Search Engine 1.0. Multiple connected sources confirm a SQL injection vulnerability in /searchjob.php, triggered by manipulating the txtspecialization parameter. This is described as remotely exploitable with the exploit publicly disclose...

CVE-2025-11584 code-projects Online Job Search Engine searchjob.php sql injection

A vulnerability has been found in code-projects Online Job Search Engine 1.0. The affected element is an unknown function of the file /searchjob.php. The manipulation of the argument txtspecialization leads to sql injection. Remote exploitation of the attack is possible. The exploit has been...

CVE-2025-11584 code-projects Online Job Search Engine searchjob.php sql injection

A vulnerability has been found in code-projects Online Job Search Engine 1.0. The affected element is an unknown function of the file /searchjob.php. The manipulation of the argument txtspecialization leads to sql injection. Remote exploitation of the attack is possible. The exploit has been...

CVE-2025-11583 code-projects Online Job Search Engine postjob.php sql injection

A flaw has been found in code-projects Online Job Search Engine 1.0. Impacted is an unknown function of the file /postjob.php. Executing manipulation of the argument txtjobID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2025-11583

CVE-2025-11583 affects code-projects Online Job Search Engine 1.0, specifically the /postjob.php file. A vulnerability in the txtjobID parameter allows remote SQL injection due to lack of input validation, enabling an attacker to execute arbitrary SQL commands against the database and potentially...

CVE-2025-11582 code-projects Online Job Search Engine registration.php sql injection

A vulnerability was detected in code-projects Online Job Search Engine 1.0. This issue affects some unknown processing of the file /registration.php. Performing manipulation of the argument txtusername results in sql injection. The attack may be initiated remotely. The exploit is now public and m...

CVE-2025-11582

The CVE-2025-11582 entry maps to concrete details across multiple sources: code-projects Online Job Search Engine 1.0 is affected by a SQL injection in the /registration.php script, via manipulation of the txtusername parameter. This is reported as exploitable remotely with public exploits. The C...

CVE-2025-11582 code-projects Online Job Search Engine registration.php sql injection

A vulnerability was detected in code-projects Online Job Search Engine 1.0. This issue affects some unknown processing of the file /registration.php. Performing manipulation of the argument txtusername results in sql injection. The attack may be initiated remotely. The exploit is now public and m...

CVE-2025-60307

code-projects Computer Laboratory System 1.0 has a SQL injection vulnerability, where entering a universal password in the Password field on the login page can bypass login attempts...

CVE-2025-11530

A weakness has been identified in code-projects Online Complaint Site 1.0. Affected is an unknown function of the file /cms/admin/state.php. This manipulation of the argument state causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the...