3 matches found
CVE-2025-11074
Affected software: code-projects Project Monitoring System 1.0. Vulnerability: SQL injection in the login.php file caused by unsafe handling of username/password inputs, enabling remote exploitation. Root cause/condition: Manipulation of the parameters in /login.php leads to SQL injection; exploi...
CVE-2025-11585
CVE-2025-11585 affects code-projects Project Monitoring System 1.0. The vulnerability is a SQL injection in the /useredit.php script caused by unsafely handling the uid parameter. Exploitation is remote and the exploit/public PoC has been reported in multiple sources (CNVD, RH, CNNVD, CVE referen...
CVE-2025-11124
CVE-2025-11124 affects code-projects Project Monitoring System 1.0. The vulnerability is a cross-site scripting flaw in /onlineJobSearchEngine/postjob.php, caused by insufficient filtering of the txtapplyto parameter. It can be exploited remotely, and public disclosure of the exploit is noted. Ot...