VYPR

Community Project Scholars Tracking System

by Code Projects

CVEs (10)

  • CVE-2024-24101CriMar 12, 2024
    risk 0.64cvss 9.8epss 0.00

    Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Eligibility Information Update.

  • CVE-2024-24093CriMar 12, 2024
    risk 0.64cvss 9.8epss 0.01

    SQL Injection vulnerability in Code-projects Scholars Tracking System 1.0 allows attackers to run arbitrary code via Personal Information Update information.

  • CVE-2024-24098HigMar 5, 2024
    risk 0.51cvss 7.8epss 0.00

    Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection via the News Feed.

  • CVE-2025-14951HigDec 19, 2025
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in code-projects Scholars Tracking System 1.0. The impacted element is an unknown function of the file /home.php. Such manipulation of the argument post_content leads to sql injection. The attack can be executed remotely. The exploit…

  • CVE-2025-14950HigDec 19, 2025
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /delete_post.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been…

  • CVE-2025-14940HigDec 19, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /admin/delete_user.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit…

  • CVE-2024-24097MedMar 12, 2024
    risk 0.35cvss 5.4epss 0.00

    Cross Site Scripting (XSS) vulnerability in Code-projects Scholars Tracking System 1.0 allows attackers to run arbitrary code via the News Feed.

  • CVE-2024-24099MedFeb 27, 2024
    risk 0.35cvss 5.4epss 0.00

    Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Employment Status Information Update.

  • CVE-2025-70152Feb 18, 2026
    risk 0.00cvss epss 0.00

    code-projects Community Project Scholars Tracking System 1.0 is vulnerable to SQL Injection in the admin user management endpoints /admin/save_user.php and /admin/update_user.php. These endpoints lack authentication checks and directly concatenate user-supplied POST parameters…

  • CVE-2025-70151Feb 18, 2026
    risk 0.00cvss epss 0.01

    code-projects Scholars Tracking System 1.0 allows an authenticated attacker to achieve remote code execution via unrestricted file upload. The endpoints update_profile_picture.php and upload_picture.php store uploaded files in a web-accessible uploads/ directory using the…