87 matches found
PT-2025-29431 · Code Projects · Voting System
Name of the Vulnerable Software and Affected Versions: code-projects Voting System version 1.0 Description: A critical issue has been identified in code-projects Voting System 1.0. The vulnerability is located in an unknown functionality of the /admin/positions edit.php file. Manipulation of the ...
CVE-2025-7508
The CVE-2025-7508 entry concerns code-projects Modern Bag 1.0, with a SQL injection in /admin/product-update.php arising from unsanitized manipulation of idProduct. A remote attacker could exploit this, and public exploits have been disclosed. Multiple connected sources corroborate the presence o...
CVE-2025-7508 code-projects Modern Bag product-update.php sql injection
A vulnerability, which was classified as critical, has been found in code-projects Modern Bag 1.0. Affected by this issue is some unknown functionality of the file /admin/product-update.php. The manipulation of the argument idProduct leads to sql injection. The attack may be launched remotely. Th...
CVE-2025-7461 code-projects Modern Bag action.php sql injection
A vulnerability was found in code-projects Modern Bag 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /action.php. The manipulation of the argument proId leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to...
PT-2025-29323 · Unknown · Modern Bag
Name of the Vulnerable Software and Affected Versions: code-projects Modern Bag version 1.0 Description: A vulnerability exists in code-projects Modern Bag 1.0. This issue is a SQL injection affecting an unknown functionality of the /admin/login-back.php file. Manipulation of the user-name argume...
CVE-2025-7174
A vulnerability was found in code-projects Library System 1.0 and classified as critical. This issue affects some unknown processing of the file /teacher-issue-book.php. The manipulation of the argument idn leads to sql injection. The attack may be initiated remotely. The exploit has been disclos...
CVE-2025-7199
A vulnerability, which was classified as critical, has been found in code-projects Library System 1.0. This issue affects some unknown processing of the file /notapprove.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-7199 code-projects Library System notapprove.php sql injection
A vulnerability, which was classified as critical, has been found in code-projects Library System 1.0. This issue affects some unknown processing of the file /notapprove.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-7186 code-projects Chat System fetch_chat.php sql injection
A vulnerability was found in code-projects Chat System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /user/fetchchat.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed t...
CVE-2025-6901
The CVE-2025-6901 entry refers to code-projects Inventory Management System 1.0 with a SQL injection in the userid parameter of the /php_action/removeUser.php endpoint. The vulnerability is remote-exploitable and has publicly disclosed exploits. Connected sources consistently identify the affecte...
PT-2025-27334 · Code Projects · Code-Projects Inventory Management System
Name of the Vulnerable Software and Affected Versions: code-projects Inventory Management System version 1.0 Description: A critical vulnerability was found in the code-projects Inventory Management System. This issue affects unknown code of the file /php action/editPayment.php. The manipulation ...
CVE-2024-8270
The set of documents confirms a macOS Rocket.Chat vulnerability (CVE-2024-8270) where a missing Hardened Runtime and Library Validation enables DYLIB injection, bypassing TCC policies and granting permissions not allowed by default under Sandbox/app profile (e.g., microphone, camera, automation, ...
PT-2025-23999 · Unknown · Code-Projects Real Estate Property Management System
Name of the Vulnerable Software and Affected Versions: code-projects Real Estate Property Management System version 1.0 Description: A critical issue was found in the code, affecting the /Admin/InsertCategory.php file. The manipulation of the txtCategoryName argument leads to SQL injection. This...
CVE-2023-34986
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters...
CVE-2023-7140
A vulnerability was found in code-projects Client Details System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/manage-users.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be...
CVE-2018-1000641
YesWiki version = cercopitheque beta 1 contains a PHP Object Injection vulnerability in Unserialising user entered parameter in i18n.inc.php that can result in execution of code, disclosure of information...
CVE-2019-1010148
zzcms version 8.3 and earlier is affected by: SQL Injection. The impact is: zzcms File Delete to Code Execution...
PT-2025-18964 · Unknown · Code-Projects Social Networking Site
Name of the Vulnerable Software and Affected Versions: code-projects Nero Social Networking Site version 1.0 Description: A critical vulnerability was found in the code-projects Nero Social Networking Site. This affects an unknown part of the file /index.php. The manipulation of the arguments...
CVE-2025-32867
A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'CreateBackup' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...
CVE-2025-32475
The CVE-2025-32475 entry affects Siemens TeleControl Server Basic before version 3.1.2.2. The vulnerability is a SQL injection in the internal UpdateProject path that can let an authenticated remote attacker bypass authorization, read/write the app DB, and execute code with NT AUTHORITY\NetworkSe...