PT-2026-1014

Name of the Vulnerable Software and Affected Versions code-projects Online Guitar Store version 1.0 Description A SQL injection issue exists in code-projects Online Guitar Store version 1.0. The issue is located in an unknown function within the /admin/Create product.php file. Manipulating the dr...

PT-2026-1019

Name of the Vulnerable Software and Affected Versions code-projects Online Guitar Store version 1.0 Description A flaw exists in code-projects Online Guitar Store 1.0 that allows for SQL injection. This occurs through manipulation of the del pro argument within the /admin/Delete product.php file...

Code-Projects Online Guitar Store SQL注入漏洞

Code-Projects Online Guitar Store is a Code-Projects open source online guitar store. A SQL injection vulnerability exists in Code-Projects Online Guitar Store version 1.0, which stems from an incorrect operation of the parameter delpro in the file /admin/Deleteproduct.php, which could lead to SQ...

CVE-2025-15196

A vulnerability was identified in code-projects Assessment Management 1.0. This affects an unknown part of the file login.php. Such manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used...

CVE-2025-15243 code-projects Simple Stock System login.php sql injection

A flaw has been found in code-projects Simple Stock System 1.0. This affects an unknown function of the file /market/login.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used...

CVE-2025-15243 code-projects Simple Stock System login.php sql injection

A flaw has been found in code-projects Simple Stock System 1.0. This affects an unknown function of the file /market/login.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used...

CVE-2025-15213

A vulnerability has been found in code-projects Student File Management System 1.0. The affected element is an unknown function of the file /download.php of the component File Download Handler. The manipulation of the argument storeid leads to improper authorization. The attack is possible to be...

CVE-2025-15213

The CVE concerns code-projects Student File Management System 1.0, specifically the File Download Handler’s file /download.php. The vulnerability stems from improper authorization caused by manipulating the store_id argument, enabling remote exploitation. Documentation consistently notes that the...

Code-Projects Refugee Food Management System SQL注入漏洞

Code-Projects Refugee Food Management System is an open source refugee food management system from Code-Projects. A SQL injection vulnerability exists in Code-Projects Refugee Food Management System version 1.0, which stems from incorrect manipulation of the parameters a/b/c/sex/d/e/nationalityni...

Code-Projects Student File Management System 授权问题漏洞

Code-Projects Student File Management System is an open source student file management system from Code-Projects. An authorization issue vulnerability exists in Code-Projects Student File Management System version 1.0, which stems from incorrect manipulation of the storeid parameter in...

CVE-2025-15210 code-projects Refugee Food Management System editrefugee.php sql injection

A security vulnerability has been detected in code-projects Refugee Food Management System 1.0. This vulnerability affects unknown code of the file /home/editrefugee.php. Such manipulation of the argument a/b/c/sex/d/e/nationalitynid leads to sql injection. The attack may be launched remotely. Th...

CVE-2025-15209 code-projects Refugee Food Management System editfood.php sql injection

A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an unknown part of the file /home/editfood.php. This manipulation of the argument a/b/c/d causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public...

CVE-2025-15208 code-projects Refugee Food Management System editrefugee.php sql injection

A security flaw has been discovered in code-projects Refugee Food Management System 1.0. Affected by this issue is some unknown functionality of the file /home/editrefugee.php. The manipulation of the argument rfid results in sql injection. The attack can be launched remotely. The exploit has bee...

CVE-2025-15208

CVE-2025-15208 affects Code-Projects Refugee Food Management System 1.0, specifically the /home/editrefugee.php handler where the rfid parameter can be manipulated to perform SQL injection. Exploitation is described as remote with a publicly released exploit. Multiple connected sources (NVD, Red ...

CVE-2025-15205 code-projects Student File Management System download.php sql injection

A vulnerability was identified in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /download.php. The manipulation of the argument istoreid leads to sql injection. The attack can be initiated remotely. The exploit is publicly...

CVE-2025-15205 code-projects Student File Management System download.php sql injection

A vulnerability was identified in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /download.php. The manipulation of the argument istoreid leads to sql injection. The attack can be initiated remotely. The exploit is publicly...

CVE-2025-15199 code-projects College Notes Uploading System userprofile.php unrestricted upload

A security vulnerability has been detected in code-projects College Notes Uploading System 1.0. Impacted is an unknown function of the file /dashboard/userprofile.php. The manipulation of the argument image leads to unrestricted upload. Remote exploitation of the attack is possible. The exploit h...

CVE-2025-15199

CVE-2025-15199 affects code-projects College Notes Uploading System 1.0. The vulnerability exists in an unknown function handling the image parameter in /dashboard/userprofile.php, enabling unrestricted file upload. Remote exploitation is possible; exploits have been publicly disclosed and may be...

CVE-2025-15198 code-projects College Notes Uploading System login.php sql injection

A weakness has been identified in code-projects College Notes Uploading System 1.0. This issue affects some unknown processing of the file /login.php. Executing a manipulation of the argument User can lead to sql injection. The attack may be launched remotely. The exploit has been made available ...

CVE-2025-15198 code-projects College Notes Uploading System login.php sql injection

A weakness has been identified in code-projects College Notes Uploading System 1.0. This issue affects some unknown processing of the file /login.php. Executing a manipulation of the argument User can lead to sql injection. The attack may be launched remotely. The exploit has been made available ...