Online Bidding System
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-11066 | Hig | 0.47 | 7.3 | 0.00 | Sep 27, 2025 | A flaw has been found in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/bidlist.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and… | ||
| CVE-2025-10842 | Hig | 0.47 | 7.3 | 0.00 | Sep 23, 2025 | A vulnerability was detected in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /administrator/wew.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is now public and… | ||
| CVE-2025-10841 | Hig | 0.47 | 7.3 | 0.01 | Sep 23, 2025 | A security vulnerability has been detected in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/weweee.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been… | ||
| CVE-2025-10802 | Hig | 0.47 | 7.3 | 0.01 | Sep 22, 2025 | A flaw has been found in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /administrator/remove.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and… | ||
| CVE-2025-10795 | Hig | 0.47 | 7.3 | 0.01 | Sep 22, 2025 | A vulnerability has been found in code-projects Online Bidding System 1.0. This affects an unknown part of the file /administrator/bidupdate.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to… | ||
| CVE-2025-10791 | Hig | 0.47 | 7.3 | 0.01 | Sep 22, 2025 | A weakness has been identified in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/index.php. This manipulation of the argument aduser causes sql injection. The attack is possible to be carried out remotely. The exploit has… | ||
| CVE-2025-6472 | Hig | 0.47 | 7.3 | 0.00 | Jun 22, 2025 | A vulnerability, which was classified as critical, has been found in code-projects Online Bidding System 1.0. Affected by this issue is some unknown functionality of the file /showprod.php. The manipulation of the argument ID leads to sql injection. The attack may be launched… | ||
| CVE-2025-6471 | Hig | 0.47 | 7.3 | 0.00 | Jun 22, 2025 | A vulnerability classified as critical was found in code-projects Online Bidding System 1.0. Affected by this vulnerability is an unknown functionality of the file /administrator. The manipulation of the argument aduser leads to sql injection. The attack can be launched… | ||
| CVE-2025-6470 | Hig | 0.47 | 7.3 | 0.00 | Jun 22, 2025 | A vulnerability classified as critical has been found in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /bidlog.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has… | ||
| CVE-2025-6469 | Hig | 0.47 | 7.3 | 0.00 | Jun 22, 2025 | A vulnerability was found in code-projects Online Bidding System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /details.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit… | ||
| CVE-2025-6468 | Hig | 0.47 | 7.3 | 0.00 | Jun 22, 2025 | A vulnerability was found in code-projects Online Bidding System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /bidnow.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit… | ||
| CVE-2025-6467 | Hig | 0.47 | 7.3 | 0.00 | Jun 22, 2025 | A vulnerability was found in code-projects Online Bidding System 1.0. It has been classified as critical. This affects an unknown part of the file /login.php. The manipulation of the argument User leads to sql injection. It is possible to initiate the attack remotely. The… | ||
| CVE-2024-2077 | Med | 0.41 | 6.3 | 0.01 | Mar 1, 2024 | A vulnerability classified as critical has been found in SourceCodester Simple Online Bidding System 1.0. This affects an unknown part of the file index.php. The manipulation of the argument category_id leads to sql injection. It is possible to initiate the attack remotely. The… | ||
| CVE-2025-13574 | Med | 0.31 | 4.7 | 0.00 | Nov 24, 2025 | A weakness has been identified in code-projects Online Bidding System 1.0. This issue affects the function categoryadd of the file /administrator/addcategory.php. This manipulation of the argument catimage causes unrestricted upload. The attack is possible to be carried out… |
- risk 0.47cvss 7.3epss 0.00
A flaw has been found in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/bidlist.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was detected in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /administrator/wew.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is now public and…
- risk 0.47cvss 7.3epss 0.01
A security vulnerability has been detected in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/weweee.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been…
- risk 0.47cvss 7.3epss 0.01
A flaw has been found in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /administrator/remove.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and…
- risk 0.47cvss 7.3epss 0.01
A vulnerability has been found in code-projects Online Bidding System 1.0. This affects an unknown part of the file /administrator/bidupdate.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to…
- risk 0.47cvss 7.3epss 0.01
A weakness has been identified in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/index.php. This manipulation of the argument aduser causes sql injection. The attack is possible to be carried out remotely. The exploit has…
- risk 0.47cvss 7.3epss 0.00
A vulnerability, which was classified as critical, has been found in code-projects Online Bidding System 1.0. Affected by this issue is some unknown functionality of the file /showprod.php. The manipulation of the argument ID leads to sql injection. The attack may be launched…
- risk 0.47cvss 7.3epss 0.00
A vulnerability classified as critical was found in code-projects Online Bidding System 1.0. Affected by this vulnerability is an unknown functionality of the file /administrator. The manipulation of the argument aduser leads to sql injection. The attack can be launched…
- risk 0.47cvss 7.3epss 0.00
A vulnerability classified as critical has been found in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /bidlog.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was found in code-projects Online Bidding System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /details.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was found in code-projects Online Bidding System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /bidnow.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was found in code-projects Online Bidding System 1.0. It has been classified as critical. This affects an unknown part of the file /login.php. The manipulation of the argument User leads to sql injection. It is possible to initiate the attack remotely. The…
- risk 0.41cvss 6.3epss 0.01
A vulnerability classified as critical has been found in SourceCodester Simple Online Bidding System 1.0. This affects an unknown part of the file index.php. The manipulation of the argument category_id leads to sql injection. It is possible to initiate the attack remotely. The…
- risk 0.31cvss 4.7epss 0.00
A weakness has been identified in code-projects Online Bidding System 1.0. This issue affects the function categoryadd of the file /administrator/addcategory.php. This manipulation of the argument catimage causes unrestricted upload. The attack is possible to be carried out…