Simple Laundry System Security Vulnerabilities and Issues — Simple Laundry System CVE List

Code-projectsSimple Laundry System

15 matches found

CVE•added 2025/06/06 12:31 p.m.•54 views

CVE-2025-5764

CVE-2025-5764 concerns code-projects Laundry System 1.0. The vulnerability is a cross-site scripting (XSS) flaw in the /data/insert_laundry.php file, triggered by manipulating the Customer parameter. Attackers may exploit this remotely, and the exploit has been publicly disclosed. Public document...

5.4CVSS3.8AI score0.00246EPSS

Web

CVE•added 2025/06/06 12:31 p.m.•54 views

CVE-2025-5765

CVE-2025-5765 affects code-projects Laundry System 1.0, with a cross-site scripting vulnerability in /data/edit_laundry.php via the Customer parameter. Root cause is improper input handling/escaping of user-supplied data, enabling arbitrary script execution. Exploitation is possible remotely and ...

5.4CVSS3.9AI score0.00246EPSS

Web

CVE•added 2025/06/06 7:0 p.m.•54 views

CVE-2025-5797

Code-projects Laundry System 1.0 contains a cross-site scripting (XSS) vulnerability in /data/insert_type.php via the Type parameter. The issue allows remote attacker input to inject scripts; exploit has been disclosed publicly and may be used. Supported by CNVD/CNNVD entries. There is no patch i...

5.4CVSS3.7AI score0.00234EPSS

Web

CVE•added 2025/06/06 7:0 p.m.•51 views

CVE-2025-5796

CVE-2025-5796 concerns code-projects Laundry System 1.0. The vulnerability is a cross-site scripting flaw in the parameter Type of the file /data/edit_type.php . Publicly disclosed exploit enables remote abuse; multiple sources describe the issue as an input-filter/escaping weakness affecting unk...

5.4CVSS4AI score0.00234EPSS

Web

CVE•added 2025/06/06 1:0 p.m.•50 views

CVE-2025-5766

CVE-2025-5766 concerns a cross-site request forgery in the code-projects Laundry System 1.0 . The vulnerability arises from a web application that does not adequately validate that a request comes from a trusted user, enabling an attacker to spoof a malicious request to trigger a sensitive operat...

5.3CVSS4.7AI score0.00233EPSS

CVE•added 2026/03/25 1:9 a.m.•15 views

CVE-2026-4784

The CVE-2026-4784 vulnerability affects code-projects Simple Laundry System 1.0, specifically the Parameter Handler’s /checkcheckout.php and its serviceId parameter. The root cause allows SQL injection in a remote-exploit scenario, with the exploit already public and potentially usable. Multiple ...

9.8CVSS6.7AI score0.00333EPSS

CVE•added 2026/04/01 6:0 a.m.•9 views

CVE-2026-5256

CVE-2026-5256 affects code-projects Simple Laundry System 1.0. The vulnerability is in the Parameter Handler’s modify.php, where manipulation of the firstName parameter leads to SQL injection. Remote exploitation is possible, and the exploit has been published and may be used. The available conne...

9.8CVSS6.8AI score0.00333EPSS

CVE•added 2026/04/01 6:0 a.m.•9 views

CVE-2026-5257

The CVE-2026-5257 entry concerns code-projects Simple Laundry System 1.0. The vulnerability affects the Parameter Handler component, specifically the /delstaffinfo.php file, where manipulating the userid parameter leads to a SQL injection. The issue is exploitable remotely, and public disclosures...

9.8CVSS6.8AI score0.00333EPSS

CVE•added 2026/03/26 7:41 a.m.•8 views

CVE-2026-4849

CVE-2026-4849 affects code-projects Simple Laundry System 1.0. The vulnerability is in the /modify.php file within the Parameter Handler, where manipulating the firstName argument leads to cross-site scripting (XSS). The impact is described as Low integrity impact with no confidentiality or avail...

6.1CVSS4AI score0.0027EPSS

CVE•added 2026/03/27 2:25 a.m.•8 views

CVE-2026-4908

The CVE-2026-4908 entry concerns code-projects Simple Laundry System 1.0. The vulnerability resides in the Parameter Handler’s modstaffinfo.php, where manipulating the userid parameter enables SQL injection. The flaw is exploitable remotely and has seen public exploit activity. Connected sources ...

9.8CVSS6.8AI score0.00393EPSS

CVE•added 2026/04/01 5:15 a.m.•8 views

CVE-2026-5255

CVE-2026-5255 affects code-projects Simple Laundry System 1.0, specifically an issue in the Parameter Handler’s delstaffinfo.php where manipulating the userid parameter triggers cross-site scripting. The vulnerability can be exploited remotely, and the exploit is public, indicating potential real...

6.1CVSS4.4AI score0.0027EPSS

CVE•added 2026/03/23 7:36 a.m.•7 views

CVE-2026-4579

The CVE-2026-4579 entry concerns code-projects Simple Laundry System 1.0, specifically the file /viewdetail.php in the Parameters Handler component. The vulnerability is triggered by manipulating the serviceId argument, leading to SQL injection. Remote exploitation is possible, and an exploit is ...

9.8CVSS5.6AI score0.00428EPSS

CVE•added 2026/03/23 9:33 a.m.•7 views

CVE-2026-4581

The CVE-2026-4581 entry concerns code-projects Simple Laundry System 1.0. The vulnerability lies in the unknown function within the file /checklogin.php of the Parameters Handler, where manipulating the Username argument triggers a SQL injection. This can be exploited remotely, and exploits have ...

9.8CVSS6.9AI score0.00354EPSS

CVE•added 2026/03/26 7:41 a.m.•7 views

CVE-2026-4850

CVE-2026-4850 affects code-projects Simple Laundry System 1.0. Affected component: Parameter Handler, file /checkregisitem.php. Root cause: manipulation of the Long-arm-shirtVol argument enables SQL injection. Attack vector is remote; exploit publicly released. Multiple sources (NVD, CVE records,...

9.8CVSS6.8AI score0.00345EPSS

CVE•added 2026/03/23 8:48 a.m.•6 views

CVE-2026-4580

The CVE-2026-4580 entry concerns code-projects Simple Laundry System 1.0, where the /checkupdatestatus.php endpoint in the Parameters Handler is vulnerable. The issue arises from manipulating the serviceId parameter, enabling SQL injection. The vulnerability is described as exploitable remotely, ...

9.8CVSS5.7AI score0.00329EPSS