CVE-2025-14939 code-projects Online Appointment Booking System deletemanager.php sql injection

A vulnerability was found in code-projects Online Appointment Booking System 1.0. Impacted is an unknown function of the file /admin/deletemanager.php. The manipulation of the argument managername results in sql injection. The attack may be performed from remote. The exploit has been made public...

CVE-2025-14939 code-projects Online Appointment Booking System deletemanager.php sql injection

A vulnerability was found in code-projects Online Appointment Booking System 1.0. Impacted is an unknown function of the file /admin/deletemanager.php. The manipulation of the argument managername results in sql injection. The attack may be performed from remote. The exploit has been made public...

Code-Projects Online Appointment Booking System SQL注入漏洞

Online Appointment Booking System is an online appointment booking system. Online Appointment Booking System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter managername in the file /admin/deletemanager.ph...

Code-Projects Scholars Tracking System SQL注入漏洞

Code-Projects Scholars Tracking System is an open source scholars tracking system by Code-Projects. A SQL injection vulnerability exists in Code-Projects Scholars Tracking System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /deletepost.php, which could lead...

Code-Projects Simple Stock System SQL注入漏洞

Code-Projects Simple Stock System is a Code-Projects open source simple stock system. Code-Projects Simple Stock System version 1.0 suffers from a SQL injection vulnerability that originates from an unknown function in the file /market/update.php that mishandles the parameter email, which can lea...

Code-Projects Simple Stock System 代码注入漏洞

Code-Projects Simple Stock System is a Code-Projects open source simple stock system. A code injection vulnerability exists in Code-Projects Simple Stock System version 1.0, which originates from a cross-site scripting vulnerability in an unknown function in the file /market/chatuser.php...

CVE-2025-14833

A security flaw has been discovered in code-projects Online Appointment Booking System 1.0. The impacted element is an unknown function of the file /admin/deletemanagerclinic.php. Performing manipulation of the argument clinic results in sql injection. The attack can be initiated remotely. The...

CVE-2025-14834

CVE-2025-14834 affects code-projects Simple Stock System 1.0. The vulnerability resides in the /checkuser.php function, where manipulating the Username parameter can cause a SQL injection. Exploitation can be performed remotely, and publicly available exploit code has circulated. Several connecte...

CVE-2025-14834 code-projects Simple Stock System checkuser.php sql injection

A weakness has been identified in code-projects Simple Stock System 1.0. This affects an unknown function of the file /checkuser.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public...

CVE-2025-14833 code-projects Online Appointment Booking System deletemanagerclinic.php sql injection

A security flaw has been discovered in code-projects Online Appointment Booking System 1.0. The impacted element is an unknown function of the file /admin/deletemanagerclinic.php. Performing manipulation of the argument clinic results in sql injection. The attack can be initiated remotely. The...

CVE-2025-14833

The CVE-2025-14833 entry concerns code-projects Online Appointment Booking System 1.0. A SQL injection vulnerability exists in the /admin/deletemanagerclinic.php file, originating from unsafely handling the clinic parameter. This flaw enables remote exploitation and has publicly available exploit...

CVE-2025-14833 code-projects Online Appointment Booking System deletemanagerclinic.php sql injection

A security flaw has been discovered in code-projects Online Appointment Booking System 1.0. The impacted element is an unknown function of the file /admin/deletemanagerclinic.php. Performing manipulation of the argument clinic results in sql injection. The attack can be initiated remotely. The...

Code-Projects Online Appointment Booking System SQL注入漏洞

Online Appointment Booking System is an online appointment booking system. Online Appointment Booking System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter clinic in the file...

CVE-2025-14623

A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/updatestudent.php. This manipulation of the argument studid causes sql injection. The attack is possible to be carried out remotely. The exploit has be...

CVE-2025-14663 code-projects Student File Management System update_student.php cross site scripting

A vulnerability was determined in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/updatestudent.php. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed a...

CVE-2025-14663

The CVE-2025-14663 entry relates to code-projects' Student File Management System 1.0 and an XSS vulnerability in the /admin/update_student.php endpoint. The connected CNVD/NVD entries corroborate a cross-site scripting flaw arising from insufficient input filtering/escaping of user-supplied data...

CVE-2025-14663 code-projects Student File Management System update_student.php cross site scripting

A vulnerability was determined in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/updatestudent.php. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed a...

CVE-2025-14662 code-projects Student File Management System Update User update_user.php cross site scripting

A vulnerability was found in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/updateuser.php of the component Update User Page. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The exploit has been made...

CVE-2025-14662

code-projects Student File Management System 1.0 is affected by a Cross-Site Scripting (XSS) vulnerability in the Update User Page, specifically /admin/update_user.php. The flaw arises from an improper handling/manipulation of input, enabling remote attackers to trigger XSS. Multiple connected so...

CVE-2025-14662 code-projects Student File Management System Update User update_user.php cross site scripting

A vulnerability was found in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/updateuser.php of the component Update User Page. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The exploit has been made...