Mobile Shop Management System

CVEs (19)

CVE	Vendor / Product	Sev	Risk	CVSS	Published	Description
CVE-2025-14646	Jjjjj Zr Jjjjjzr8	Hig	0.47	7.3	Dec 14, 2025	A security flaw has been discovered in code-projects Student File Management System 1.0. This impacts an unknown function of the file /admin/delete_student.php. The manipulation of the argument stud_id results in sql injection. The attack may be performed from remote. The exploit has been released to the public and may be exploited.
CVE-2025-14645	Jjjjj Zr Jjjjjzr7	Hig	0.47	7.3	Dec 14, 2025	A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown function of the file /admin/delete_user.php. The manipulation of the argument user_id leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
CVE-2025-14640	Jjjjj Zr Jjjjjzr14	Hig	0.47	7.3	Dec 14, 2025	A flaw has been found in code-projects Student File Management System 1.0. The affected element is an unknown function of the file /admin/save_student.php. Executing manipulation of the argument stud_no can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used.
CVE-2025-14623	Jjjjj Zr Jjjjjzr6	Hig	0.47	7.3	Dec 13, 2025	A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/update_student.php. This manipulation of the argument stud_id causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.
CVE-2025-14622	Jjjjj Zr Jjjjjzr5	Hig	0.47	7.3	Dec 13, 2025	A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/save_user.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.
CVE-2025-14621	Jjjjj Zr Jjjjjzr4	Hig	0.47	7.3	Dec 13, 2025	A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php. The manipulation of the argument user_id leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
CVE-2025-14620	Jjjjj Zr Jjjjjzr3	Hig	0.47	7.3	Dec 13, 2025	A vulnerability was determined in code-projects Student File Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/login_query.php. Executing manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
CVE-2025-14619	Jjjjj Zr Jjjjjzr2	Hig	0.47	7.3	Dec 13, 2025	A vulnerability was found in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file login_query.php. Performing manipulation of the argument stud_no results in sql injection. The attack may be initiated remotely. The exploit has been made public and could be used.
CVE-2025-15205	Code Projects Mobile Shop Management System	Med	0.41	6.3	Dec 29, 2025	A vulnerability was identified in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /download.php. The manipulation of the argument istore_id leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used.
CVE-2025-15050	Code Projects Mobile Shop Management System	Med	0.41	6.3	Dec 24, 2025	A security vulnerability has been detected in code-projects Student File Management System 1.0. This affects an unknown part of the file /save_file.php. Such manipulation of the argument File leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
CVE-2025-9841	Code Projects Mobile Shop Management System	Med	0.41	6.3	Sep 3, 2025	A security vulnerability has been detected in code-projects Mobile Shop Management System 1.0. This affects an unknown function of the file AddNewProduct.php. The manipulation of the argument ProductImage leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.
CVE-2025-15213	Code Projects Mobile Shop Management System	Med	0.28	4.3	Dec 30, 2025	A vulnerability has been found in code-projects Student File Management System 1.0. The affected element is an unknown function of the file /download.php of the component File Download Handler. The manipulation of the argument store_id leads to improper authorization. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-9845	Carmelo Fruit Shop Management System	Low	0.23	3.5	Sep 3, 2025	A vulnerability has been found in code-projects Fruit Shop Management System 1.0. Affected by this vulnerability is an unknown functionality of the file products.php. Such manipulation of the argument product_code/gen_name/product_name/supplier leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-14663	Jjjjj Zr Jjjjjzr16	Low	0.16	2.4	Dec 14, 2025	A vulnerability was determined in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/update_student.php. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
CVE-2025-14662	Jjjjj Zr Jjjjjzr15	Low	0.16	2.4	Dec 14, 2025	A vulnerability was found in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php of the component Update User Page. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could be used.
CVE-2025-69563	Code Projects Mobile Shop Management System		0.00	—	Jan 27, 2026	code-projects Mobile Shop Management System 1.0 is vulnerable to SQL Injection in /ExLogin.php via the Password parameter.
CVE-2025-69562	Code Projects Mobile Shop Management System		0.00	—	Jan 27, 2026	code-projects Mobile Shop Management System 1.0 is vulnerable to SQL Injection in /insertmessage.php via the userid parameter.
CVE-2025-69564	Code Projects Mobile Shop Management System		0.00	—	Jan 27, 2026	code-projects Mobile Shop Management System 1.0 is vulnerable to SQL Injection in /ExAddNewUser.php via the Name, Address, email, UserName, Password, confirm_password, Role, Branch, and Activate parameters.
CVE-2025-69565	Code Projects Mobile Shop Management System		0.00	—	Jan 27, 2026	code-projects Mobile Shop Management System 1.0 is vulnerable to File Upload in /ExAddProduct.php.

CVE-2025-14646HigDec 14, 2025
Jjjjj Zr
Jjjjjzr8
risk 0.47cvss 7.3epss 0.00
A security flaw has been discovered in code-projects Student File Management System 1.0. This impacts an unknown function of the file /admin/delete_student.php. The manipulation of the argument stud_id results in sql injection. The attack may be performed from remote. The exploit has been released to the public and may be exploited.
CVE-2025-14645HigDec 14, 2025
Jjjjj Zr
Jjjjjzr7
risk 0.47cvss 7.3epss 0.00
A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown function of the file /admin/delete_user.php. The manipulation of the argument user_id leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
CVE-2025-14640HigDec 14, 2025
Jjjjj Zr
Jjjjjzr14
risk 0.47cvss 7.3epss 0.00
A flaw has been found in code-projects Student File Management System 1.0. The affected element is an unknown function of the file /admin/save_student.php. Executing manipulation of the argument stud_no can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used.
CVE-2025-14623HigDec 13, 2025
Jjjjj Zr
Jjjjjzr6
risk 0.47cvss 7.3epss 0.00
A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/update_student.php. This manipulation of the argument stud_id causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.
CVE-2025-14622HigDec 13, 2025
Jjjjj Zr
Jjjjjzr5
risk 0.47cvss 7.3epss 0.00
A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/save_user.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.
CVE-2025-14621HigDec 13, 2025
Jjjjj Zr
Jjjjjzr4
risk 0.47cvss 7.3epss 0.00
A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php. The manipulation of the argument user_id leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
CVE-2025-14620HigDec 13, 2025
Jjjjj Zr
Jjjjjzr3
risk 0.47cvss 7.3epss 0.00
A vulnerability was determined in code-projects Student File Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/login_query.php. Executing manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
CVE-2025-14619HigDec 13, 2025
Jjjjj Zr
Jjjjjzr2
risk 0.47cvss 7.3epss 0.00
A vulnerability was found in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file login_query.php. Performing manipulation of the argument stud_no results in sql injection. The attack may be initiated remotely. The exploit has been made public and could be used.
CVE-2025-15205MedDec 29, 2025
Code Projects
Mobile Shop Management System
risk 0.41cvss 6.3epss 0.00
A vulnerability was identified in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /download.php. The manipulation of the argument istore_id leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used.
CVE-2025-15050MedDec 24, 2025
Code Projects
Mobile Shop Management System
risk 0.41cvss 6.3epss 0.00
A security vulnerability has been detected in code-projects Student File Management System 1.0. This affects an unknown part of the file /save_file.php. Such manipulation of the argument File leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
CVE-2025-9841MedSep 3, 2025
Code Projects
Mobile Shop Management System
risk 0.41cvss 6.3epss 0.00
A security vulnerability has been detected in code-projects Mobile Shop Management System 1.0. This affects an unknown function of the file AddNewProduct.php. The manipulation of the argument ProductImage leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.
CVE-2025-15213MedDec 30, 2025
Code Projects
Mobile Shop Management System
risk 0.28cvss 4.3epss 0.00
A vulnerability has been found in code-projects Student File Management System 1.0. The affected element is an unknown function of the file /download.php of the component File Download Handler. The manipulation of the argument store_id leads to improper authorization. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-9845LowSep 3, 2025
Carmelo
Fruit Shop Management System
risk 0.23cvss 3.5epss 0.00
A vulnerability has been found in code-projects Fruit Shop Management System 1.0. Affected by this vulnerability is an unknown functionality of the file products.php. Such manipulation of the argument product_code/gen_name/product_name/supplier leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-14663LowDec 14, 2025
Jjjjj Zr
Jjjjjzr16
risk 0.16cvss 2.4epss 0.00
A vulnerability was determined in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/update_student.php. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
CVE-2025-14662LowDec 14, 2025
Jjjjj Zr
Jjjjjzr15
risk 0.16cvss 2.4epss 0.00
A vulnerability was found in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php of the component Update User Page. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could be used.
CVE-2025-69563Jan 27, 2026
Code Projects
Mobile Shop Management System
risk 0.00cvss —epss 0.00
code-projects Mobile Shop Management System 1.0 is vulnerable to SQL Injection in /ExLogin.php via the Password parameter.
CVE-2025-69562Jan 27, 2026
Code Projects
Mobile Shop Management System
risk 0.00cvss —epss 0.00
code-projects Mobile Shop Management System 1.0 is vulnerable to SQL Injection in /insertmessage.php via the userid parameter.
CVE-2025-69564Jan 27, 2026
Code Projects
Mobile Shop Management System
risk 0.00cvss —epss 0.00
code-projects Mobile Shop Management System 1.0 is vulnerable to SQL Injection in /ExAddNewUser.php via the Name, Address, email, UserName, Password, confirm_password, Role, Branch, and Activate parameters.
CVE-2025-69565Jan 27, 2026
Code Projects
Mobile Shop Management System
risk 0.00cvss —epss 0.00
code-projects Mobile Shop Management System 1.0 is vulnerable to File Upload in /ExAddProduct.php.