3490 matches found
CVE-2026-26694
code-projects Simple Student Alumni System v1.0 is vulnerale to SQL Injection in /TracerStudy/modalview.php...
Code-Projects Simple Student Alumni System 安全漏洞
Code-Projects Simple Student Alumni System is an open-source student alumni system developed by Code-Projects. Version 1.0 of the code-projects Simple Student Alumni System contains a security vulnerability, which stems from an SQL injection vulnerability in the /TracerStudy/recordteacher edit.ph...
CVE-2026-26695
The CVE-2026-26695 affects code-projects Simple Student Alumni System v1.0. The vulnerability is a SQL Injection in /TracerStudy/recordstudent_edit.php caused by insufficient input validation. This allows an attacker with network access (no authentication required) to manipulate database queries,...
CVE-2026-26697
The CVE-2026-26697 issue affects code-projects Simple Student Alumni System v1.0, with SQL Injection in /TracerStudy/recordteacher_view.php?teacherID=. The root cause is unsanitized/unchecked input for the teacherID parameter, allowing potentially crafted queries to access confidential data (as i...
Code-Projects Simple Student Alumni System 安全漏洞
Code-Projects Simple Student Alumni System is an open-source student alumni system developed by Code-Projects. Version 1.0 of the Code-Projects Simple Student Alumni System has a security vulnerability, which stems from an SQL injection vulnerability in the /TracerStudy/recordstudent edit.php fil...
CVE-2026-26697
code-projects Simple Student Alumni System v1.0 is vulnerable to SQL Injection in /TracerStudy/recordteacherview.php?teacherID=...
EUVD-2026-9189
code-projects Simple Student Alumni System code-projects v1.0 is vulnerable to SQL Injection in /TracerStudy/recordstudentedit.php...
Code-Projects Simple Gym Management System 安全漏洞
Code-Projects Simple Gym Management System is an open-source gym management system developed by Code-Projects. Version 1.0 of the Code-Projects Simple Gym Management System contains a security vulnerability, which stems from an SQL injection vulnerability in the file /gym/trainersearch.php...
CVE-2026-2912 code-projects Online Reviewer System studentresult-view.php sql injection
A vulnerability was found in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/students/assessments/results/studentresult-view.php. The manipulation of the argument testid results in sql injection. It is possible to launch the attack remotely. Th...
CVE-2026-2912
CVE-2026-2912 affects code-projects Online Reviewer System v1.0. The vulnerability is in /system/system/students/assessments/results/studentresult-view.php, where manipulating the test_id argument triggers SQL injection. Exploitation is remote, and public exploitation has been reported. Multiple ...
CVE-2026-2912 code-projects Online Reviewer System studentresult-view.php sql injection
A vulnerability was found in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/students/assessments/results/studentresult-view.php. The manipulation of the argument testid results in sql injection. It is possible to launch the attack remotely. Th...
CVE-2026-2706
A flaw has been found in code-projects Patient Record Management System 1.0. This affects an unknown function of the file /fecalysisnot.php. This manipulation of the argument compid causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2026-2706 code-projects Patient Record Management System fecalysis_not.php sql injection
A flaw has been found in code-projects Patient Record Management System 1.0. This affects an unknown function of the file /fecalysisnot.php. This manipulation of the argument compid causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2026-2706 code-projects Patient Record Management System fecalysis_not.php sql injection
A flaw has been found in code-projects Patient Record Management System 1.0. This affects an unknown function of the file /fecalysisnot.php. This manipulation of the argument compid causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...
Code-Projects Patient Record Management System 安全漏洞
The Code-Projects Patient Record Management System is an open-source medical record management system developed by Code-Projects. Version 1.0 of the Code-Projects Patient Record Management System contains a security vulnerability. This vulnerability stems from incorrect handling of the compid...
CVE-2025-70152
code-projects Community Project Scholars Tracking System 1.0 is vulnerable to SQL Injection in the admin user management endpoints /admin/saveuser.php and /admin/updateuser.php. These endpoints lack authentication checks and directly concatenate user-supplied POST parameters firstname, lastname,...
CVE-2026-2224
A vulnerability was detected in code-projects Online Reviewer System 1.0. This affects an unknown part of the file /system/system/admins/manage/users/btnfunctions.php. The manipulation of the argument firstname results in cross site scripting. It is possible to launch the attack remotely. The...
CVE-2026-2214
A weakness has been identified in code-projects for Plugin 1.0. This affects an unknown part of the file /Administrator/PHP/AdminAddAlbum.php. This manipulation of the argument txtalbum causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made availabl...
CVE-2026-2199
A security flaw has been discovered in code-projects Online Reviewer System 1.0. The impacted element is an unknown function of the file /reviewer/system/system/admins/manage/users/user-delete.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated...
CVE-2026-2224
CVE-2026-2224 affects code-projects Online Reviewer System 1.0. The vulnerability is a cross-site scripting (XSS) in the file /system/system/admins/manage/users/btn_functions.php, where manipulating the firstname argument enables a remote attack. Several connected sources confirm the issue and in...