CVE-2026-2224

A vulnerability was detected in code-projects Online Reviewer System 1.0. This affects an unknown part of the file /system/system/admins/manage/users/btnfunctions.php. The manipulation of the argument firstname results in cross site scripting. It is possible to launch the attack remotely. The...

CVE-2026-2224 code-projects Online Reviewer System btn_functions.php cross site scripting

A vulnerability was detected in code-projects Online Reviewer System 1.0. This affects an unknown part of the file /system/system/admins/manage/users/btnfunctions.php. The manipulation of the argument firstname results in cross site scripting. It is possible to launch the attack remotely. The...

CVE-2026-2223 code-projects Online Reviewer System index.php sql injection

A security vulnerability has been detected in code-projects Online Reviewer System 1.0. Affected by this issue is some unknown functionality of the file /system/system/students/assessments/pretest/take/index.php. The manipulation of the argument ID leads to sql injection. It is possible to initia...

CVE-2026-2222

The CVE-2026-2222 entry concerns code-projects Online Reviewer System 1.0. Affected: the file /system/system/admins/manage/users/btn_functions.php. Issue: manipulation of the firstname argument enables cross-site scripting (XSS). The attack can be performed remotely and the exploit is publicly av...

CVE-2026-2222 code-projects Online Reviewer System btn_functions.php cross site scripting

A weakness has been identified in code-projects Online Reviewer System 1.0. Affected by this vulnerability is an unknown functionality of the file /system/system/admins/manage/users/btnfunctions.php. Executing a manipulation of the argument firstname can lead to cross site scripting. The attack m...

CVE-2026-2222 code-projects Online Reviewer System btn_functions.php cross site scripting

A weakness has been identified in code-projects Online Reviewer System 1.0. Affected by this vulnerability is an unknown functionality of the file /system/system/admins/manage/users/btnfunctions.php. Executing a manipulation of the argument firstname can lead to cross site scripting. The attack m...

CVE-2026-2133

A weakness has been identified in code-projects Online Music Site 1.0. Impacted is an unknown function of the file /Administrator/PHP/AdminUpdateCategory.php. This manipulation of the argument txtimage causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has...

CVE-2026-2221

The CVE-2026-2221 entry concerns code-projects Online Reviewer System 1.0, specifically the Login component’s file /login/index.php. The vulnerability is a SQL injection caused by manipulating the Username argument, enabling remote exploitation. Public exploits exist. Impact is described as high ...

CVE-2026-2221 code-projects Online Reviewer System Login index.php sql injection

A security flaw has been discovered in code-projects Online Reviewer System 1.0. Affected is an unknown function of the file /login/index.php of the component Login. Performing a manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The...

CVE-2026-2221 code-projects Online Reviewer System Login index.php sql injection

A security flaw has been discovered in code-projects Online Reviewer System 1.0. Affected is an unknown function of the file /login/index.php of the component Login. Performing a manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The...

CVE-2026-2220

CVE-2026-2220 affects code-projects Online Reviewer System 1.0. The issue is an SQL injection in the file /system/system/admins/assessments/pretest/btn_functions.php caused by manipulating the difficulty_id argument. It can be exploited remotely and a public PoC exists. Impact is described as HIG...

CVE-2026-2220 code-projects Online Reviewer System btn_functions.php sql injection

A vulnerability was identified in code-projects Online Reviewer System 1.0. This impacts an unknown function of the file /system/system/admins/assessments/pretest/btnfunctions.php. Such manipulation of the argument difficultyid leads to sql injection. The attack can be executed remotely. The...

CVE-2026-2214

A weakness has been identified in code-projects for Plugin 1.0. This affects an unknown part of the file /Administrator/PHP/AdminAddAlbum.php. This manipulation of the argument txtalbum causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made availabl...

CVE-2026-2214

CVE-2026-2214 affects code-projects for Plugin 1.0, with the weakness located in an unknown part of /Administrator/PHP/AdminAddAlbum.php. The issue arises from manipulating the txtalbum argument, enabling a cross-site scripting (XSS) flaw that can be triggered remotely. Multiple connected sources...

CVE-2026-2214 code-projects for Plugin AdminAddAlbum.php cross site scripting

A weakness has been identified in code-projects for Plugin 1.0. This affects an unknown part of the file /Administrator/PHP/AdminAddAlbum.php. This manipulation of the argument txtalbum causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made availabl...

CVE-2026-2214 code-projects for Plugin AdminAddAlbum.php cross site scripting

A weakness has been identified in code-projects for Plugin 1.0. This affects an unknown part of the file /Administrator/PHP/AdminAddAlbum.php. This manipulation of the argument txtalbum causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made availabl...

CVE-2026-2213

The CVE-2026-2213 entry concerns code-projects Online Music Site 1.0 with an unrestricted upload vulnerability in /Administrator/PHP/AdminAddAlbum.php. The issue stems from manipulating the txtimage argument, enabling remote attackers to upload files without restriction. Multiple connected source...

CVE-2026-2213 code-projects Online Music Site AdminAddAlbum.php unrestricted upload

A security flaw has been discovered in code-projects Online Music Site 1.0. Affected by this issue is some unknown functionality of the file /Administrator/PHP/AdminAddAlbum.php. The manipulation of the argument txtimage results in unrestricted upload. The attack may be performed from remote. The...

CVE-2026-2212 code-projects Online Music Site AdminEditCategory.php sql injection

A vulnerability was identified in code-projects Online Music Site 1.0. Affected by this vulnerability is an unknown functionality of the file /Administrator/PHP/AdminEditCategory.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. Th...

CVE-2026-2212

A vulnerability was identified in code-projects Online Music Site 1.0. Affected by this vulnerability is an unknown functionality of the file /Administrator/PHP/AdminEditCategory.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. Th...