CVE-2026-4972 code-projects Online Reviewer System btn_functions.php cross site scripting

A security vulnerability has been detected in code-projects Online Reviewer System up to 1.0. Affected is an unknown function of the file /system/system/students/assessments/databank/btnfunctions.php. Such manipulation of the argument Description leads to cross site scripting. The attack may be...

CVE-2026-4970

A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file deletephotos.php of the component Endpoint. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been release...

CVE-2026-4970 code-projects Social Networking Site Endpoint delete_photos.php sql injection

A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file deletephotos.php of the component Endpoint. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been release...

CVE-2026-4970 code-projects Social Networking Site Endpoint delete_photos.php sql injection

A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file deletephotos.php of the component Endpoint. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been release...

CVE-2026-4970

CVE-2026-4970 affects code-projects Social Networking Site 1.0. The vulnerability is SQL injection in the file delete_photos.php (Endpoint component) triggered by manipulating the ID argument. It can be exploited remotely and the exploit is publicly available. The connected CVE records do not pro...

CVE-2026-4969

The CVE-2026-4969 entry concerns code-projects Social Networking Site 1.0. The vulnerable element is the /home.php file within the Alert Handler component, where manipulation of the content argument enables Cross-Site Scripting (XSS). Description indicates remote exploitation is possible and that...

CVE-2026-4969 code-projects Social Networking Site Alert home.php cross site scripting

A vulnerability was identified in code-projects Social Networking Site 1.0. The impacted element is an unknown function of the file /home.php of the component Alert Handler. The manipulation of the argument content leads to cross site scripting. Remote exploitation of the attack is possible. The...

CVE-2026-4969 code-projects Social Networking Site Alert home.php cross site scripting

A vulnerability was identified in code-projects Social Networking Site 1.0. The impacted element is an unknown function of the file /home.php of the component Alert Handler. The manipulation of the argument content leads to cross site scripting. Remote exploitation of the attack is possible. The...

CVE-2026-4836

A vulnerability was detected in code-projects Accounting System 1.0. The affected element is an unknown function of the file /myaccount/delete.php. Performing a manipulation of the argument cosid results in sql injection. It is possible to initiate the attack remotely. The exploit is now public a...

CVE-2026-4909 code-projects Exam Form Submission update_s7.php cross site scripting

A weakness has been identified in code-projects Exam Form Submission 1.0. This impacts an unknown function of the file /admin/updates7.php. This manipulation of the argument sname causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to t...

CVE-2026-4909 code-projects Exam Form Submission update_s7.php cross site scripting

A weakness has been identified in code-projects Exam Form Submission 1.0. This impacts an unknown function of the file /admin/updates7.php. This manipulation of the argument sname causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to t...

CVE-2026-4909

CVE-2026-4909 affects code-projects Exam Form Submission 1.0, specifically the /admin/update_s7.php function where manipulation of the sname argument enables cross-site scripting. The vulnerability can be triggered remotely, and public exploits exist. The available connected documentation confirm...

CVE-2026-4908 code-projects Simple Laundry System Parameter modstaffinfo.php sql injection

A security flaw has been discovered in code-projects Simple Laundry System 1.0. This affects an unknown function of the file /modstaffinfo.php of the component Parameter Handler. The manipulation of the argument userid results in sql injection. The attack may be performed from remote. The exploit...

CVE-2026-4908

The CVE-2026-4908 entry concerns code-projects Simple Laundry System 1.0. The vulnerability resides in the Parameter Handler’s modstaffinfo.php, where manipulating the userid parameter enables SQL injection. The flaw is exploitable remotely and has seen public exploit activity. Connected sources ...

PT-2026-28694

Name of the Vulnerable Software and Affected Versions code-projects Social Networking Site version 1.0 Description A cross site scripting issue exists due to the manipulation of the content argument within an unknown function of the file '/home.php' of the Alert Handler component. Remote...

Code-Projects Online Reviewer System 安全漏洞

The Code-Projects Online Reviewer System is an online review system developed by Code-Projects as open source. Versions of the Code-Projects Online Reviewer System prior to version 1.0 contained security vulnerabilities. These vulnerabilities were caused by incorrect handling of parameters in the...

PT-2026-28697

Name of the Vulnerable Software and Affected Versions code-projects Online Reviewer System version 1.0 Description A security issue exists in code-projects Online Reviewer System version 1.0. Manipulation of the Description argument in an unknown function within the file...

Code-Projects Exam Form Submission 安全漏洞

Code-Projects Exam Form Submission is an open-source exam form developed by Code-Projects. Version 1.0 of Code-Projects Exam Form Submission contains a security vulnerability. This vulnerability stems from improper handling of the parameter sname in the file admin/updates7.php, which may lead to...

PT-2026-28671

Name of the Vulnerable Software and Affected Versions code-projects Simple Laundry System version 1.0 Description A security flaw exists in code-projects Simple Laundry System 1.0. The issue affects an unknown function within the file /modstaffinfo.php of the Parameter Handler component...

Code-Projects Social Networking Site SQL注入漏洞

Code-Projects Social Networking Site is an open-source social networking site developed by Code-Projects. Version 1.0 of Code-Projects Social Networking Site has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ID in the file deletephotos.php, whic...