CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/02/18 12:0 a.m.•2 views

CVE-2025-70152

code-projects Community Project Scholars Tracking System 1.0 is vulnerable to SQL Injection in the admin user management endpoints /admin/saveuser.php and /admin/updateuser.php. These endpoints lack authentication checks and directly concatenate user-supplied POST parameters firstname, lastname,...

9.8CVSS6AI score0.00161EPSS

CNNVD•added 2026/02/18 12:0 a.m.•4 views

Code-Projects Scholars Tracking System 安全漏洞

The Code-Projects Scholars Tracking System is an open-source scholar tracking system developed by Code-Projects. Version 1.0 of the Code-Projects Scholars Tracking System contains a security vulnerability. This vulnerability stems from the lack of verification of file types and extensions during...

8.8CVSS6.3AI score0.00337EPSS

Cvelist•added 2026/02/18 12:0 a.m.•26 views

CVE-2025-70152

9.8CVSS0.00161EPSS

CNVD•added 2025/12/25 12:0 a.m.•3 views

Scholars Tracking System delete_user.php File SQL Injection Vulnerability

Scholars Tracking System is a scholars tracking system. Scholars Tracking System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in parameter ID in file /admin/deleteuser.php. An attacker can exploit this vulnerability to...

9.8CVSS7.2AI score0.00026EPSS

RedhatCVE•added 2025/12/20 3:12 p.m.•9 views

CVE-2025-14951

A security vulnerability has been detected in code-projects Scholars Tracking System 1.0. The impacted element is an unknown function of the file /home.php. Such manipulation of the argument postcontent leads to sql injection. The attack can be executed remotely. The exploit has been disclosed...

9.8CVSS7AI score0.00028EPSS

RedhatCVE•added 2025/12/20 2:11 p.m.•7 views

CVE-2025-14950

A weakness has been identified in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /deletepost.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to t...

9.8CVSS7.2AI score0.00028EPSS

RedhatCVE•added 2025/12/20 4:17 a.m.•6 views

CVE-2025-14940

A vulnerability was determined in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /admin/deleteuser.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

9.8CVSS7.1AI score0.00026EPSS

EUVD•added 2025/12/19 3:31 p.m.•3 views

EUVD-2025-204535

7.5CVSS7.2AI score0.00028EPSS

Exploits1References7

EUVD•added 2025/12/19 3:31 p.m.•5 views

EUVD-2025-204540

7.5CVSS7.2AI score0.00028EPSS

Exploits1References7

OSV•added 2025/12/19 3:15 p.m.•2 views

CVE-2025-14951

9.8CVSS5.8AI score0.00028EPSS

NVD•added 2025/12/19 3:15 p.m.•4 views

CVE-2025-14951

9.8CVSS0.00028EPSS

Cvelist•added 2025/12/19 2:32 p.m.•27 views

CVE-2025-14951 code-projects Scholars Tracking System home.php sql injection

7.5CVSS0.00028EPSS

CVE•added 2025/12/19 2:32 p.m.•7 views

CVE-2025-14951

CVE-2025-14951 affects Code-Projects Scholars Tracking System 1.0. The vulnerability is in the /home.php file where manipulation of the post_content parameter enables SQL injection. It can be exploited remotely; public disclosures exist. The available connected documents corroborate impact and re...

9.8CVSS6.7AI score0.00028EPSS

Exploits1References5Affected Software1

Vulnrichment•added 2025/12/19 2:32 p.m.•2 views

CVE-2025-14951 code-projects Scholars Tracking System home.php sql injection

7.5CVSS6.7AI score0.00028EPSS

OSV•added 2025/12/19 2:15 p.m.•1 views

CVE-2025-14950

9.8CVSS5.7AI score

Exploits0References5

NVD•added 2025/12/19 2:15 p.m.•4 views

CVE-2025-14950

9.8CVSS0.00028EPSS

Cvelist•added 2025/12/19 1:32 p.m.•28 views

CVE-2025-14950 code-projects Scholars Tracking System delete_post.php sql injection

7.5CVSS0.00028EPSS