10 matches found
CVE-2025-5633
CVE-2025-5633 affects code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. The vulnerability is a SQL injection in the /admin/users.php file caused by manipulation of the delete argument. It is exploitable remotely and the exploit has been publicly disclosed. The CVSS data in ...
CVE-2024-10758
CVE-2024-10758 affects code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. The vulnerability is a SQL injection in the index.php area triggered by manipulating the user_name parameter, with remote exploitation indicated. Public disclosures exist (e.g., Exploit-DB and PacketSt...
CVE-2025-5631
CVE-2025-5631 affects code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. The vulnerability is in an unknown function of /publicposts.php where manipulating the post parameter leads to SQL injection, enabling remote exploitation. Public disclosures exist. There is no patch de...
CVE-2025-5632
CVE-2025-5632 affects code-projects/anirbandutta9 Content Management System/News-Buzz 1.0. The vulnerability is a SQL injection in the file /admin/users.php caused by manipulating the change_to_admin parameter. It is exploitable remotely over the network, and public exploits have been disclosed. ...
CVE-2025-0346
The CVE-2025-0346 entry relates to code-projects Content Management System 1.0, affecting the /admin/publishnews.php Publish News Page. The vulnerability arises from manipulating the image parameter, leading to unrestricted upload. It is exploitable remotely and has been publicly disclosed. A ran...
CVE-2026-0546
Code-projects Content Management System 1.0 contains a SQL injection in search.php via manipulation of the Value parameter. This vulnerability can be exploited remotely and has publicly disclosed exploit information. Multiple connected sources (PT-2026-1061, Red Hat/CVE feed, NVD/CVE entry, CNNVD...
CVE-2026-0565
CVE-2026-0565 affects code-projects Content Management System 1.0. The vulnerability arises from improper handling of the del parameter in the file /admin/delete.php, enabling remote SQL injection without authentication or user interaction. Multiple sources (NVD, Red Hat, CVE feeds) describe the ...
CVE-2026-0566
CVE-2026-0566 affects code-projects Content Management System 1.0. The vulnerability lies in the /admin/edit_posts.php script where manipulating the image parameter enables unrestricted file uploads. Exploitation is possible remotely, and the exploit has been publicly disclosed. Public data show ...
CVE-2026-0567
The CVE-2026-0567 entry affects code-projects Content Management System 1.0. The vulnerability is in the /pages.php file, where manipulating the ID argument causes a SQL injection. It can be exploited remotely and an exploit is publicly available. Connected advisories corroborate a remote SQL inj...
CVE-2025-15197
The CVE-2025-15197 entry concerns code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. The flaw is in the admin/editposts.php file, where manipulating the image parameter allows an unrestricted upload. This enables remote exploitation as indicated by the public exploit. Affect...