Code-Projects Simple E-Banking System 代码注入漏洞

Code-Projects Simple E-Banking System is a simple e-banking system from Code-Projects. A code injection vulnerability exists in Code-Projects Simple E-Banking System version 1.0, which stems from an incorrect manipulation of the parameter Username in the file /eBank/register.php, which could lead...

PT-2025-44060

Name of the Vulnerable Software and Affected Versions Code-Projects E-Commerce Website version 1.0 Description A cross site scripting issue exists in Code-Projects E-Commerce Website version 1.0. The issue is related to the manipulation of the supp name/supp address arguments within the file...

PT-2025-44061

Name of the Vulnerable Software and Affected Versions code-projects E-Commerce Website version 1.0 Description A flaw exists in code-projects E-Commerce Website 1.0 that allows for cross site scripting. The issue is located in the /pages/product add.php file. Manipulation of the prod name, prod...

PT-2025-43914

Name of the Vulnerable Software and Affected Versions code-projects Online Event Judging System version 1.0 Description A security flaw exists in code-projects Online Event Judging System 1.0. Manipulation of the fullname argument in the /add contestant.php file can lead to SQL injection. Remote...

PT-2025-43947

Name of the Vulnerable Software and Affected Versions code-projects Client Details System version 1.0 Description A flaw exists in code-projects Client Details System 1.0 that allows for cross site scripting. The issue affects unknown code within the /welcome.php file and can be exploited remotel...

Code-Projects Automated Voting System SQL注入漏洞

Code-Projects Automated Voting System is a Code-Projects open source automated voting system. Code-Projects Automated Voting System version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter Username in the file /admin/user.php, which could lead...

CVE-2025-11668 code-projects Automated Voting System update_user.php sql injection

A vulnerability was determined in code-projects Automated Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/updateuser.php. This manipulation of the argument Password causes sql injection. The attack is possible to be carried out remotely. The exploit has...

CVE-2025-11668 code-projects Automated Voting System update_user.php sql injection

A vulnerability was determined in code-projects Automated Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/updateuser.php. This manipulation of the argument Password causes sql injection. The attack is possible to be carried out remotely. The exploit has...

CVE-2025-11667

The CVE-2025-11667 entry concerns code-projects Automated Voting System 1.0. Affected component: the server-side code in /admin/add_candidate_modal.php. The vulnerability is SQL injection triggered by manipulating the firstname parameter, allowing remote exploitation. Multiple connected sources c...

CVE-2025-11667 code-projects Automated Voting System add_candidate_modal.php. sql injection

A vulnerability was found in code-projects Automated Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/addcandidatemodal.php.. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has...

CVE-2025-11605

A vulnerability was identified in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/update-profile.php. Such manipulation of the argument uid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...

CVE-2025-11613 code-projects Simple Food Ordering System addcategory.php sql injection

A vulnerability was found in code-projects Simple Food Ordering System 1.0. Affected is an unknown function of the file /addcategory.php. The manipulation of the argument cname results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2025-11613

The CVE-2025-11613 issue affects the Simple Food Ordering System (version 1.0), specifically the /addcategory.php file. Reports consistently identify a SQL injection vulnerability arising from unsafely handling the cname parameter, enabling remote exploitation. Public exploit details are noted in...

CVE-2025-11612 code-projects Simple Food Ordering System addproduct.php sql injection

A vulnerability has been found in code-projects Simple Food Ordering System 1.0. This impacts an unknown function of the file /addproduct.php. The manipulation of the argument Category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and m...

CVE-2025-11612

CVE-2025-11612 affects the Simple Food Ordering System 1.0, specifically the /addproduct.php script. The root cause is a lack of validation of the Category parameter, allowing an SQL injection that can be exploited remotely. Public exploit details exist. Several connected sources corroborate the ...

CVE-2025-11608 code-projects E-Banking System POST Parameter register.php sql injection

A security vulnerability has been detected in code-projects E-Banking System 1.0. This affects an unknown function of the file /register.php of the component POST Parameter Handler. The manipulation of the argument username/password leads to sql injection. It is possible to initiate the attack...

CVE-2025-11608 code-projects E-Banking System POST Parameter register.php sql injection

A security vulnerability has been detected in code-projects E-Banking System 1.0. This affects an unknown function of the file /register.php of the component POST Parameter Handler. The manipulation of the argument username/password leads to sql injection. It is possible to initiate the attack...

CVE-2025-11605

A vulnerability was identified in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/update-profile.php. Such manipulation of the argument uid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...

CVE-2025-11605 code-projects Client Details System update-profile.php sql injection

A vulnerability was identified in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/update-profile.php. Such manipulation of the argument uid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...

CVE-2025-11605 code-projects Client Details System update-profile.php sql injection

A vulnerability was identified in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/update-profile.php. Such manipulation of the argument uid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...