48 matches found
CVE-2026-15523
A weakness has been identified in CodeAstro Simple Online Leave Management System 1.0. Affected by this issue is some unknown functionality of the file /SimpleOnlineLeave/admin/dashboard.php. This manipulation of the argument Name causes sql injection. The attack can be initiated remotely. The...
CVE-2026-14798 CodeAstro Apartment Visitor Management System visitor-entry.php sql injection
A vulnerability was identified in CodeAstro Apartment Visitor Management System 1.0. This issue affects some unknown processing of the file /apartment-visitor/visitor-entry.php. The manipulation of the argument visname leads to sql injection. The attack can be initiated remotely. The exploit is...
CVE-2026-14689
CodeAstro Apartment Visitor Management System 1.0 contains a SQL injection flaw in the add-apartment.php handler (parameter apartmentno). The vulnerability arises from unsafely handling the argument, enabling remote exploitation. Public exploits exist. Impact in CVSS terms is MEDIUM with potentia...
PT-2026-55752
Name of the Vulnerable Software and Affected Versions CodeAstro Apartment Visitor Management System version 1.0 Description A security flaw allows remote attackers to perform SQL injection, a technique used to manipulate database queries. The issue exists within an unknown function in the...
CVE-2026-14640
CVE-2026-14640 describes a SQL injection in CodeAstro Apartment Visitor Management System 1.0. The vulnerability is in the Login component, specifically an unknown function in /index.php, where manipulating the Username argument can lead to remote exploitation. The exploit is publicly available a...
EUVD-2026-41688
A vulnerability was found in CodeAstro Apartment Visitor Management System 1.0. Affected is an unknown function of the file /index.php of the component Login. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit ha...
CVE-2026-13537 CodeAstro Human Resource Management System cross-site request forgery
A vulnerability was found in CodeAstro Human Resource Management System 1.0. Impacted is an unknown function. The manipulation results in cross-site request forgery. The attack may be launched remotely. The exploit has been made public and could be used...
CVE-2026-13525 CodeAstro Human Resource Management System Update_Earn_Leave Endpoint Employee_model.php emselectByCode sql injection
A vulnerability was detected in CodeAstro Human Resource Management System 1.0. This issue affects the function emselectByCode of the file application/models/Employeemodel.php of the component UpdateEarnLeave Endpoint. The manipulation of the argument emid results in sql injection. The attack can...
PT-2026-49100
Name of the Vulnerable Software and Affected Versions CodeAstro Student Attendance Management System version 1.0 Description An issue exists in the file '/attendance-php/Admin/createStudents.php' where manipulating the admissionNumber argument allows for SQL injection, which is a technique used t...
CVE-2026-12130 CodeAstro Human Resource Management System Projects Management Add_Projects cross site scripting
A security flaw has been discovered in CodeAstro Human Resource Management System 1.0. This affects an unknown part of the file /Projects/AddProjects of the component Projects Management Page. The manipulation of the argument protitle results in cross site scripting. The attack may be launched...
EUVD-2026-36569
A security flaw has been discovered in CodeAstro Human Resource Management System 1.0. This affects an unknown part of the file /Projects/AddProjects of the component Projects Management Page. The manipulation of the argument protitle results in cross site scripting. The attack may be launched...
CVE-2026-11583
A vulnerability has been found in CodeAstro Student Attendance Management System 1.0. This affects an unknown function of the file /attendance-php/Admin/createClass.php. The manipulation of the argument className leads to sql injection. It is possible to initiate the attack remotely. The exploit...
CVE-2026-37749
CodeAstro Simple Attendance Management System v1.0 is affected by a SQL injection in index.php via the username parameter, enabling remote unauthenticated attackers to bypass login and gain admin access. Root cause: direct interpolation of user input into the SQL query without proper escaping or ...
PT-2026-20465
Name of the Vulnerable Software and Affected Versions CodeAstro Membership Management System version 1.0 Description The application lacks proper authentication and authorization in the print membership card.php file. This allows unauthenticated attackers to access membership card data belonging ...
EUVD-2025-11982
Malicious code in bioql PyPI...
EUVD-2024-51316
Malicious code in bioql PyPI...
EUVD-2024-27041
Malicious code in bioql PyPI...
EUVD-2025-12509
Malicious code in bioql PyPI...
EUVD-2025-20322
Malicious code in bioql PyPI...
CVE-2025-9941
A flaw has been found in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the file /register.php. Executing manipulation of the argument uimage can lead to unrestricted upload. The attack can be launched remotely. The exploit has been published and may be used...