5 matches found
CVE-2025-5633
CVE-2025-5633 affects code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. The vulnerability is a SQL injection in the /admin/users.php file caused by manipulation of the delete argument. It is exploitable remotely and the exploit has been publicly disclosed. The CVSS data in ...
CVE-2025-5631
CVE-2025-5631 affects code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. The vulnerability is in an unknown function of /publicposts.php where manipulating the post parameter leads to SQL injection, enabling remote exploitation. Public disclosures exist. There is no patch de...
CVE-2025-5632
CVE-2025-5632 affects code-projects/anirbandutta9 Content Management System/News-Buzz 1.0. The vulnerability is a SQL injection in the file /admin/users.php caused by manipulating the change_to_admin parameter. It is exploitable remotely over the network, and public exploits have been disclosed. ...
CVE-2025-0346
The CVE-2025-0346 entry relates to code-projects Content Management System 1.0, affecting the /admin/publishnews.php Publish News Page. The vulnerability arises from manipulating the image parameter, leading to unrestricted upload. It is exploitable remotely and has been publicly disclosed. A ran...
CVE-2025-15197
The CVE-2025-15197 entry concerns code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. The flaw is in the admin/editposts.php file, where manipulating the image parameter allows an unrestricted upload. This enables remote exploitation as indicated by the public exploit. Affect...