VYPR

Vendor CVEs

Carmelo

All CVEs

165 total · sorted by risk
  • CVE-2025-57515CriOct 6, 2025
    risk 0.64cvss 9.8epss 0.01

    A SQL injection vulnerability has been identified in Uniclare Student Portal v2. This flaw allows remote attackers to inject arbitrary SQL commands via vulnerable input fields, enabling the execution of time-delay functions to infer database responses.

  • CVE-2024-57401CriFeb 20, 2025
    risk 0.64cvss 9.8epss 0.01

    SQL Injection vulnerability in Uniclare Student portal v.2 and before allows a remote attacker to execute arbitrary code via the Forgot Password function.

  • CVE-2024-53345HigJan 7, 2025
    risk 0.58cvss 8.8epss 0.01

    An authenticated arbitrary file upload vulnerability in Car Rental Management System v1.0 to v1.3 allows attackers to execute arbitrary code via uploading a crafted file.

  • CVE-2024-33288HigMay 8, 2026
    risk 0.47cvss 7.3epss 0.01

    Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the Admin login page.

  • CVE-2026-5019HigMar 29, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file all-orders.php of the component Parameter Handler. The manipulation of the argument Status leads to sql injection. The…

  • CVE-2026-5018HigMar 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in code-projects Simple Food Order System 1.0. Affected is an unknown function of the file register-router.php of the component Parameter Handler. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched…

  • CVE-2026-5017HigMar 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in code-projects Simple Food Order System 1.0. This impacts an unknown function of the file /all-tickets.php of the component Parameter Handler. Performing a manipulation of the argument Status results in sql injection. The attack can be…

  • CVE-2026-4319HigMar 17, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/add-item.php. Such manipulation of the argument price leads to sql injection. The attack can be launched remotely. The…

  • CVE-2026-3744HigMar 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in code-projects Student Web Portal 1.0. This impacts the function valreg_passwdation of the file signup.php. The manipulation of the argument reg_passwd leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed…

  • CVE-2026-3736HigMar 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated…

  • CVE-2026-3735HigMar 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file SearchResultOneway.php. Such manipulation of the argument from leads to sql injection. The attack can be launched…

  • CVE-2026-3723HigMar 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown function of the file /Admindelete.php. The manipulation of the argument flightno results in sql injection. The attack may be performed from remote. The exploit…

  • CVE-2026-3709HigMar 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown function of the file /register.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has…

  • CVE-2026-3708HigMar 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in code-projects Simple Flight Ticket Booking System 1.0. The impacted element is an unknown function of the file /login.php. Performing a manipulation of the argument Username results in sql injection. The attack may be initiated remotely.…

  • CVE-2026-3705HigMar 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. This issue affects some unknown processing of the file /Adminsearch.php. The manipulation of the argument flightno results in sql injection. It is possible to launch the attack remotely. The…

  • CVE-2026-0700HigJan 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in code-projects Intern Membership Management System 1.0. Affected is an unknown function of the file /intern/admin/check_admin.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely.…

  • CVE-2025-15243HigDec 30, 2025
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in code-projects Simple Stock System 1.0. This affects an unknown function of the file /market/login.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be launched remotely. The exploit has been published and…

  • CVE-2025-15011HigDec 22, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Simple Stock System 1.0. Impacted is an unknown function of the file /logout.php. The manipulation of the argument uname results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used.

  • CVE-2025-14968HigDec 19, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in code-projects Simple Stock System 1.0. Affected by this issue is some unknown functionality of the file /market/update.php. The manipulation of the argument email results in sql injection. The attack can be launched remotely. The exploit…

  • CVE-2025-14959HigDec 19, 2025
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in code-projects Simple Stock System 1.0. This issue affects some unknown processing of the file /market/signup.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has…

  • CVE-2025-14647HigDec 14, 2025
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in code-projects Computer Book Store 1.0. Affected is an unknown function of the file /admin_delete.php. This manipulation of the argument bookisbn causes sql injection. It is possible to initiate the attack remotely. The exploit has been made…

  • CVE-2025-14590HigDec 13, 2025
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to initiate the attack remotely. The exploit…

  • CVE-2025-14223HigDec 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in code-projects Simple Leave Manager 1.0. Affected by this vulnerability is an unknown functionality of the file /request.php. Such manipulation of the argument staff_id leads to sql injection. The attack may be launched remotely. The exploit has…

  • CVE-2025-13583HigNov 24, 2025
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in code-projects Question Paper Generator 1.0. This affects an unknown part of the file /signupscript.php of the component POST Parameter Handler. Executing manipulation of the argument Fname can lead to sql injection. The attack can be executed…

  • CVE-2025-13323HigNov 18, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in code-projects Simple Pizza Ordering System 1.0. Affected is an unknown function of the file /listorder.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been…

  • CVE-2025-12316HigOct 27, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in code-projects Courier Management System 1.0. This impacts an unknown function of the file /courier/edit-courier.php. The manipulation of the argument OfficeName leads to sql injection. The attack is possible to be carried out remotely. The…

  • CVE-2025-11556HigOct 9, 2025
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in code-projects Simple Leave Manager 1.0. This vulnerability affects unknown code of the file /user.php. This manipulation of the argument table causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be…

  • CVE-2025-10104HigSep 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /review_search.php. The manipulation of the argument txtsearch leads to sql injection. It is possible to initiate the attack remotely. The…

  • CVE-2025-10103HigSep 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in code-projects Online Event Judging System 1.0. This impacts an unknown function of the file /home.php. Executing manipulation of the argument main_event can lead to sql injection. The attack may be performed from remote. The exploit has been…

  • CVE-2025-10102HigSep 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown function of the file /index.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The…

  • CVE-2025-9610HigAug 29, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in code-projects Online Event Judging System 1.0. This issue affects some unknown processing of the file /create_account.php. This manipulation of the argument fname causes sql injection. The attack is possible to be carried out remotely. The…

  • CVE-2025-8495HigAug 3, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability, which was classified as critical, was found in code-projects Intern Membership Management System 1.0. Affected is an unknown function of the file /admin/edit_admin_query.php. The manipulation of the argument Username leads to sql injection. It is possible to…

  • CVE-2025-8494HigAug 3, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability, which was classified as critical, has been found in code-projects Intern Membership Management System 1.0. This issue affects some unknown processing of the file /admin/delete_student.php. The manipulation of the argument ID leads to sql injection. The attack…

  • CVE-2025-8493HigAug 2, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability classified as critical was found in code-projects Intern Membership Management System 1.0. This vulnerability affects unknown code of the file /admin/edit_student_query.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated…

  • CVE-2025-8339HigJul 31, 2025
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was found in code-projects Intern Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /student_login.php. The manipulation of the argument user_name/password leads to sql injection. It is possible to…

  • CVE-2025-8166HigJul 25, 2025
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was found in code-projects Church Donation System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/index.php of the component HTTP POST Request Handler. The manipulation of the argument Username leads to sql injection.…

  • CVE-2025-7931HigJul 21, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Church Donation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /members/admin_pic.php. The manipulation of the argument image leads to unrestricted upload. The attack may be…

  • CVE-2025-7930HigJul 21, 2025
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /members/add_members.php. The manipulation of the argument mobile leads to sql injection. The attack…

  • CVE-2025-7929HigJul 21, 2025
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was found in code-projects Church Donation System 1.0. It has been classified as critical. Affected is an unknown function of the file /members/edit_Members.php. The manipulation of the argument fname leads to sql injection. It is possible to launch the attack…

  • CVE-2025-7928HigJul 21, 2025
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was found in code-projects Church Donation System 1.0 and classified as critical. This issue affects some unknown processing of the file /members/edit_user.php. The manipulation of the argument firstname leads to sql injection. The attack may be initiated…

  • CVE-2025-7861HigJul 20, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability, which was classified as critical, was found in code-projects Church Donation System 1.0. Affected is an unknown function of the file /members/search.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack…

  • CVE-2025-7860HigJul 20, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability, which was classified as critical, has been found in code-projects Church Donation System 1.0. This issue affects some unknown processing of the file /members/login_admin.php. The manipulation of the argument Username leads to sql injection. The attack may be…

  • CVE-2025-7859HigJul 20, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability classified as critical was found in code-projects Church Donation System 1.0. This vulnerability affects unknown code of the file /members/update_password_admin.php. The manipulation of the argument new_password leads to sql injection. The attack can be initiated…

  • CVE-2025-7833HigJul 19, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability, which was classified as critical, has been found in code-projects Church Donation System 1.0. This issue affects some unknown processing of the file /members/giving.php. The manipulation of the argument Amount leads to sql injection. The attack may be initiated…

  • CVE-2025-7832HigJul 19, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability classified as critical was found in code-projects Church Donation System 1.0. This vulnerability affects unknown code of the file /members/offering.php. The manipulation of the argument trcode leads to sql injection. The attack can be initiated remotely. The…

  • CVE-2025-7831HigJul 19, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability classified as critical has been found in code-projects Church Donation System 1.0. This affects an unknown part of the file /members/Tithes.php. The manipulation of the argument trcode leads to sql injection. It is possible to initiate the attack remotely. The…

  • CVE-2025-7830HigJul 19, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Church Donation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /reg.php. The manipulation of the argument mobile leads to sql injection. The attack may be launched remotely.…

  • CVE-2025-7829HigJul 19, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack can be…

  • CVE-2025-7814HigJul 18, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability classified as critical was found in code-projects Food Ordering Review System 1.0. This vulnerability affects unknown code of the file /pages/signup_function.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely.…

  • CVE-2025-7180HigJul 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument User leads to sql injection. The attack may be initiated remotely. The…

Page 1 of 4