5 matches found
CVE-2023-7111
The CVE-2023-7111 entry describes a SQL injection in code-projects Library Management System 2.0, affecting the category parameter in index.php. Multiple connected sources confirm remote exploitation and public disclosure (VDB-249006). The underlying issue is lack of input validation in the categ...
CVE-2023-7110
CVE-2023-7110 affects code-projects Library Management System 2.0. The vulnerability resides in login.php where manipulation of the student parameter enables SQL injection. It is exploitable remotely and has been publicly disclosed. Affected software is Library Management System 2.0; root cause i...
CVE-2023-7109
The CVE-2023-7109 entry applies to code-projects Library Management System 2.0, specifically the /admin/login.php file. The vulnerability is a SQL injection caused by manipulation of the username parameter, exploitable remotely. Public disclosure of the exploit is noted. Impact is described in al...
CVE-2025-7210
The CVE-2025-7210 entry concerns code-projects/Fabian Ros Library Management System 2.0, where the admin/profile_update.php function is vulnerable due to improper handling of the photo parameter, enabling unrestricted file upload. This is described as a remote, publicly disclosed exploit with pot...
CVE-2025-7190
The CVE-2025-7190 entry concerns code-projects Library Management System 2.0. Concrete details from connected documents show a vulnerability in the file /admin/student_edit_photo.php where manipulating the photo parameter enables unrestricted (arbitrary) file uploads. Exploitation is described as...