Content Management System
CVEs (64)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-13302 | Med | 0.31 | 4.7 | 0.00 | Nov 17, 2025 | A vulnerability was identified in code-projects Courier Management System 1.0. This affects an unknown part of the file /add-new-officer.php. Such manipulation of the argument ManagerName leads to sql injection. The attack can be launched remotely. The exploit is publicly… | ||
| CVE-2026-7222 | Low | 0.23 | 3.5 | 0.00 | Apr 28, 2026 | A vulnerability was determined in code-projects Coaching Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /cims/modules/student/complaint.php of the component Complaint Form Page. This manipulation of the argument Complaint causes… | ||
| CVE-2026-6184 | Low | 0.16 | 2.4 | 0.00 | Apr 13, 2026 | A weakness has been identified in code-projects Simple Content Management System 1.0. This affects an unknown part of the file /web/admin/welcome.php. Executing a manipulation of the argument News Title can lead to cross site scripting. The attack can be executed remotely. The… | ||
| CVE-2024-10758 | 0.03 | — | 0.01 | Nov 4, 2024 | A vulnerability, which was classified as critical, was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument user_name leads to sql injection. It is possible to… | |||
| CVE-2026-2176 | 0.00 | — | 0.00 | Feb 8, 2026 | A security vulnerability has been detected in code-projects Contact Management System 1.0. This issue affects some unknown processing of the file index.py. Such manipulation of the argument selecteditem[0] leads to sql injection. The attack can be executed remotely. | |||
| CVE-2026-2174 | 0.00 | — | 0.01 | Feb 8, 2026 | A security flaw has been discovered in code-projects Contact Management System 1.0. This affects an unknown part of the component CRUD Endpoint. The manipulation of the argument ID results in improper authentication. The attack may be launched remotely. | |||
| CVE-2025-56289 | 0.00 | — | 0.00 | Sep 16, 2025 | code-projects Document Management System 1.0 has a Cross Site Scripting (XSS) vulnerability, where attackers can leak admin's cookie information by entering malicious XSS code in the Company field when adding files. | |||
| CVE-2025-5633 | 0.00 | — | 0.00 | Jun 5, 2025 | A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/users.php. The manipulation of the argument delete leads to sql injection.… | |||
| CVE-2025-5632 | 0.00 | — | 0.00 | Jun 5, 2025 | A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/users.php. The manipulation of the argument change_to_admin leads… | |||
| CVE-2025-5631 | 0.00 | — | 0.00 | Jun 5, 2025 | A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been classified as critical. Affected is an unknown function of the file /publicposts.php. The manipulation of the argument post leads to sql injection. It is possible to… | |||
| CVE-2025-4890 | 0.00 | — | 0.00 | May 18, 2025 | A vulnerability was found in code-projects Tourism Management System 1.0 and classified as critical. This issue affects the function LoginUser of the component Login User. The manipulation of the argument username/password leads to stack-based buffer overflow. Attacking locally… | |||
| CVE-2025-4889 | 0.00 | — | 0.00 | May 18, 2025 | A vulnerability has been found in code-projects Tourism Management System 1.0 and classified as critical. This vulnerability affects the function AddUser of the component User Registration. The manipulation of the argument username/password leads to buffer overflow. Local access… | |||
| CVE-2025-4501 | 0.00 | — | 0.00 | May 10, 2025 | A vulnerability, which was classified as critical, was found in code-projects Album Management System 1.0. This affects the function searchalbum of the component Search Albums. The manipulation leads to stack-based buffer overflow. Local access is required to approach this… | |||
| CVE-2025-4480 | 0.00 | — | 0.00 | May 9, 2025 | A vulnerability was found in code-projects Simple College Management System 1.0. It has been declared as critical. This vulnerability affects the function input of the component Add New Student. The manipulation of the argument name/branch leads to stack-based buffer overflow.… | |||
| CVE-2025-4069 | 0.00 | — | 0.00 | Apr 29, 2025 | A vulnerability, which was classified as critical, has been found in code-projects Product Management System 1.0. Affected by this issue is the function add_item. The manipulation of the argument st.productname leads to stack-based buffer overflow. An attack has to be approached… | |||
| CVE-2025-4059 | 0.00 | — | 0.00 | Apr 29, 2025 | A vulnerability classified as critical was found in code-projects Prison Management System 1.0. This vulnerability affects the function addrecord of the component Prison_Mgmt_Sys. The manipulation of the argument filename leads to stack-based buffer overflow. An attack has to be… | |||
| CVE-2025-3166 | 0.00 | — | 0.00 | Apr 3, 2025 | A vulnerability classified as critical was found in code-projects Product Management System 1.0. This vulnerability affects the function search_item of the component Search Product Menu. The manipulation of the argument target leads to stack-based buffer overflow. Local access… | |||
| CVE-2025-3148 | 0.00 | — | 0.00 | Apr 3, 2025 | A vulnerability was found in codeprojects Product Management System 1.0 and classified as problematic. This issue affects some unknown processing of the component Login. The manipulation of the argument Str1 leads to buffer overflow. Attacking locally is a requirement. The… | |||
| CVE-2025-3134 | 0.00 | — | 0.00 | Apr 3, 2025 | A vulnerability classified as critical has been found in code-projects Payroll Management System 1.0. This affects an unknown part of the file /add_overtime.php. The manipulation of the argument rate leads to sql injection. It is possible to initiate the attack remotely. The… | |||
| CVE-2025-3039 | 0.00 | — | 0.01 | Mar 31, 2025 | A vulnerability was found in code-projects Payroll Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /add_employee.php. The manipulation of the argument lname/fname leads to sql injection. It is possible to launch the attack… |
- risk 0.31cvss 4.7epss 0.00
A vulnerability was identified in code-projects Courier Management System 1.0. This affects an unknown part of the file /add-new-officer.php. Such manipulation of the argument ManagerName leads to sql injection. The attack can be launched remotely. The exploit is publicly…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was determined in code-projects Coaching Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /cims/modules/student/complaint.php of the component Complaint Form Page. This manipulation of the argument Complaint causes…
- risk 0.16cvss 2.4epss 0.00
A weakness has been identified in code-projects Simple Content Management System 1.0. This affects an unknown part of the file /web/admin/welcome.php. Executing a manipulation of the argument News Title can lead to cross site scripting. The attack can be executed remotely. The…
- CVE-2024-10758Nov 4, 2024risk 0.03cvss —epss 0.01
A vulnerability, which was classified as critical, was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument user_name leads to sql injection. It is possible to…
- CVE-2026-2176Feb 8, 2026risk 0.00cvss —epss 0.00
A security vulnerability has been detected in code-projects Contact Management System 1.0. This issue affects some unknown processing of the file index.py. Such manipulation of the argument selecteditem[0] leads to sql injection. The attack can be executed remotely.
- CVE-2026-2174Feb 8, 2026risk 0.00cvss —epss 0.01
A security flaw has been discovered in code-projects Contact Management System 1.0. This affects an unknown part of the component CRUD Endpoint. The manipulation of the argument ID results in improper authentication. The attack may be launched remotely.
- CVE-2025-56289Sep 16, 2025risk 0.00cvss —epss 0.00
code-projects Document Management System 1.0 has a Cross Site Scripting (XSS) vulnerability, where attackers can leak admin's cookie information by entering malicious XSS code in the Company field when adding files.
- CVE-2025-5633Jun 5, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/users.php. The manipulation of the argument delete leads to sql injection.…
- CVE-2025-5632Jun 5, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/users.php. The manipulation of the argument change_to_admin leads…
- CVE-2025-5631Jun 5, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been classified as critical. Affected is an unknown function of the file /publicposts.php. The manipulation of the argument post leads to sql injection. It is possible to…
- CVE-2025-4890May 18, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in code-projects Tourism Management System 1.0 and classified as critical. This issue affects the function LoginUser of the component Login User. The manipulation of the argument username/password leads to stack-based buffer overflow. Attacking locally…
- CVE-2025-4889May 18, 2025risk 0.00cvss —epss 0.00
A vulnerability has been found in code-projects Tourism Management System 1.0 and classified as critical. This vulnerability affects the function AddUser of the component User Registration. The manipulation of the argument username/password leads to buffer overflow. Local access…
- CVE-2025-4501May 10, 2025risk 0.00cvss —epss 0.00
A vulnerability, which was classified as critical, was found in code-projects Album Management System 1.0. This affects the function searchalbum of the component Search Albums. The manipulation leads to stack-based buffer overflow. Local access is required to approach this…
- CVE-2025-4480May 9, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in code-projects Simple College Management System 1.0. It has been declared as critical. This vulnerability affects the function input of the component Add New Student. The manipulation of the argument name/branch leads to stack-based buffer overflow.…
- CVE-2025-4069Apr 29, 2025risk 0.00cvss —epss 0.00
A vulnerability, which was classified as critical, has been found in code-projects Product Management System 1.0. Affected by this issue is the function add_item. The manipulation of the argument st.productname leads to stack-based buffer overflow. An attack has to be approached…
- CVE-2025-4059Apr 29, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as critical was found in code-projects Prison Management System 1.0. This vulnerability affects the function addrecord of the component Prison_Mgmt_Sys. The manipulation of the argument filename leads to stack-based buffer overflow. An attack has to be…
- CVE-2025-3166Apr 3, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as critical was found in code-projects Product Management System 1.0. This vulnerability affects the function search_item of the component Search Product Menu. The manipulation of the argument target leads to stack-based buffer overflow. Local access…
- CVE-2025-3148Apr 3, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in codeprojects Product Management System 1.0 and classified as problematic. This issue affects some unknown processing of the component Login. The manipulation of the argument Str1 leads to buffer overflow. Attacking locally is a requirement. The…
- CVE-2025-3134Apr 3, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as critical has been found in code-projects Payroll Management System 1.0. This affects an unknown part of the file /add_overtime.php. The manipulation of the argument rate leads to sql injection. It is possible to initiate the attack remotely. The…
- CVE-2025-3039Mar 31, 2025risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Payroll Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /add_employee.php. The manipulation of the argument lname/fname leads to sql injection. It is possible to launch the attack…
Page 2 of 4