7 matches found
CVE-2024-1820
CVE-2024-1820 affects code-projects Crime Reporting System 1.0, specifically inchargelogin.php. The vulnerability arises from unsafely handling the email and password parameters, enabling SQL injection. It is exploitable remotely and an exploit has been disclosed publicly. Multiple sources (NVD, ...
CVE-2024-1821
Affected product: code-projects Crime Reporting System 1.0. Vulnerability: SQL injection in processing of police_add.php caused by manipulating parameters police_name, police_id, police_spec, or password. Root cause (as described): improper handling/concatenation of user-supplied input leading to...
CVE-2025-7170
Summary: CVE-2025-7170 affects code-projects Crime Reporting System 1.0, specifically an SQL injection in the registration.php file where manipulating the Name parameter can be exploited remotely. Multiple connected sources (CNVD, Red Hat, NVD, etc.) describe this vulnerability as critical/high i...
CVE-2025-7169
CVE-2025-7169 is a SQL injection vulnerability in code-projects Crime Reporting System 1.0, affecting the unknown function in /complainer_page.php. The issue arises from unsafely handling the location parameter, enabling remote exploitation and arbitrary SQL execution. Publicly disclosed exploit ...
CVE-2025-7172
The CVE-2025-7172 entry concerns code-projects Crime Reporting System 1.0. A vulnerability exists in an unknown part of /headlogin.php where manipulating the email parameter enables SQL injection. Attacks can be initiated remotely, and public disclosure is noted. Connected sources corroborate a S...
CVE-2025-7171
CVE-2025-7171 concerns code-projects Crime Reporting System 1.0, where the file /policelogin.php exposes a SQL injection via the email parameter. Multiple connected sources confirm a critical, remotely exploitable vulnerability with publicly disclosed exploits. The exact affected functionality is...
CVE-2025-7168
CVE-2025-7168 affects code-projects Crime Reporting System 1.0. Multiple connected sources describe a SQL injection vulnerability in the processing of /userlogin.php, caused by unsafely handling the email parameter. The issue is exploitable remotely and has been publicly disclosed. Root cause cen...