4 matches found
CVE-2026-0546
Code-projects Content Management System 1.0 contains a SQL injection in search.php via manipulation of the Value parameter. This vulnerability can be exploited remotely and has publicly disclosed exploit information. Multiple connected sources (PT-2026-1061, Red Hat/CVE feed, NVD/CVE entry, CNNVD...
CVE-2026-0565
CVE-2026-0565 affects code-projects Content Management System 1.0. The vulnerability arises from improper handling of the del parameter in the file /admin/delete.php, enabling remote SQL injection without authentication or user interaction. Multiple sources (NVD, Red Hat, CVE feeds) describe the ...
CVE-2026-0567
The CVE-2026-0567 entry affects code-projects Content Management System 1.0. The vulnerability is in the /pages.php file, where manipulating the ID argument causes a SQL injection. It can be exploited remotely and an exploit is publicly available. Connected advisories corroborate a remote SQL inj...
CVE-2026-0566
CVE-2026-0566 affects code-projects Content Management System 1.0. The vulnerability lies in the /admin/edit_posts.php script where manipulating the image parameter enables unrestricted file uploads. Exploitation is possible remotely, and the exploit has been publicly disclosed. Public data show ...