10 matches found
CVE-2025-0967
CVE-2025-0967 affects Code-Projects Chat System 1.0. The vulnerability is a SQL injection in the file /user/add_chatroom.php, caused by unsafely handling the chatname/chatpass parameters. The issue is exploitable remotely and could allow an attacker to manipulate SQL statements, potentially expos...
CVE-2025-5881
CVE-2025-5881 affects code-projects Chat System (versions up to 1.0). Multiple connected sources describe a vulnerability in /user/confirm_password.php where manipulating the parameter cid allows an SQL injection. Exploitation can be remote and the vulnerability has been disclosed publicly. Evide...
CVE-2024-13036
CVE-2024-13036: Affects code-projects Chat System 1.0. The vulnerability lies in /admin/update_room.php where manipulation of the id/name/password parameters enables SQL injection due to insufficient input validation. The attack can be initiated remotely and an exploit has been disclosed publicly...
CVE-2025-0531
CVE-2025-0531 affects code-projects Chat System 1.0. A SQL injection flaw exists in the /user/leaveroom.php?id= parameter caused by lack of input validation. This allows remote attackers to exploit the vulnerability, with confidentiality impact described as HIGH in the NVD metrics and public disc...
CVE-2025-0882
CVE-2025-0882 affects code-projects Chat System up to version 1.0, where the /user/addnewmember.php endpoint is vulnerable to SQL injection through the user parameter. Publicly disclosed exploit details and remote feasibility are noted, with potential to disclose or tamper with database data. Roo...
CVE-2025-7187
Code-projects Chat System 1.0 contains a SQL injection in the /user/fetch_member.php file caused by unsafely handling the ID parameter. The vulnerability can be exploited remotely and multiple sources cite exploitation of this parameter to retrieve/modify data. The attached documents do not speci...
CVE-2025-7186
CVE-2025-7186 affects code-projects Chat System 1.0. The vulnerability is an SQL injection in the processing of the file /user/fetch_chat.php, caused by manipulation of the ID parameter. It is exploitable remotely and has been disclosed publicly. Multiple sources confirm the issue, including CNVD...
CVE-2025-7511
CVE-2025-7511 affects code-projects Chat System 1.0. The vulnerability is a SQL injection in the handling of the musername parameter in the file /user/update_account.php, enabling remote exploitation. Multiple connected sources confirm the issue and state that the exploit has been publicly disclo...
CVE-2025-7189
CVE-2025-7189 affects code-projects Chat System 1.0. The vulnerability is an SQL injection in the file /user/send_message.php, caused by lack of validation of the msg parameter. The issue can be exploited remotely and has publicly disclosed exploit information. Impact is described as potentially ...
CVE-2025-7188
CVE-2025-7188 concerns code-projects Chat System 1.0. The vulnerability affects the file /user/addmember.php where manipulating the ID parameter leads to a SQL injection. The issue is exploitable remotely and, according to the CVE entry, the exploit has been disclosed publicly. Multiple connected...