VYPR

Vendor CVEs

Carmelo

All CVEs

165 total · sorted by risk
  • CVE-2025-6938HigJul 1, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /editcus.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The…

  • CVE-2025-6937HigJul 1, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /large.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The…

  • CVE-2025-6936HigJul 1, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /addpro.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The…

  • CVE-2025-6889HigJun 30, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Movie Ticketing System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /logIn.php. The manipulation of the argument postName leads to sql injection. The attack can be initiated remotely. The…

  • CVE-2025-6483HigJun 22, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in code-projects Simple Pizza Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edituser.php. The manipulation of the argument ID leads to sql injection. The attack can be…

  • CVE-2025-6482HigJun 22, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability, which was classified as critical, was found in code-projects Simple Pizza Ordering System 1.0. Affected is an unknown function of the file /edituser-exec.php. The manipulation of the argument userid leads to sql injection. It is possible to launch the attack…

  • CVE-2025-6481HigJun 22, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability, which was classified as critical, has been found in code-projects Simple Pizza Ordering System 1.0. This issue affects some unknown processing of the file /update.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated…

  • CVE-2025-6480HigJun 22, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability classified as critical was found in code-projects Simple Pizza Ordering System 1.0. This vulnerability affects unknown code of the file /addcatexec.php. The manipulation of the argument textfield leads to sql injection. The attack can be initiated remotely. The…

  • CVE-2025-6479HigJun 22, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability classified as critical has been found in code-projects Simple Pizza Ordering System 1.0. This affects an unknown part of the file /salesreport.php. The manipulation of the argument dayfrom leads to sql injection. It is possible to initiate the attack remotely.…

  • CVE-2025-6360HigJun 20, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability classified as critical has been found in code-projects Simple Pizza Ordering System 1.0. This affects an unknown part of the file /portal.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit…

  • CVE-2025-6359HigJun 20, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /cashconfirm.php. The manipulation of the argument transactioncode leads to sql injection. The attack may…

  • CVE-2025-6358HigJun 20, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /saveorder.php. The manipulation of the argument ID leads to sql injection. The attack can be…

  • CVE-2025-6357HigJun 20, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /paymentportal.php. The manipulation of the argument person leads to sql injection. It is possible to launch the attack…

  • CVE-2025-6356HigJun 20, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Simple Pizza Ordering System 1.0 and classified as critical. This issue affects some unknown processing of the file /addmem.php. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been…

  • CVE-2025-6161HigJun 17, 2025
    risk 0.47cvss 7.3epss 0.01

    A vulnerability, which was classified as critical, was found in SourceCodester Simple Food Ordering System 1.0. Affected is an unknown function of the file /editproduct.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack…

  • CVE-2025-6124HigJun 16, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Restaurant Order System 1.0 and classified as critical. This issue affects some unknown processing of the file /tablelow.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit…

  • CVE-2025-6123HigJun 16, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in code-projects Restaurant Order System 1.0 and classified as critical. This vulnerability affects unknown code of the file /payment.php. The manipulation of the argument tabidNoti leads to sql injection. The attack can be initiated remotely. The…

  • CVE-2025-5980HigJun 10, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability classified as critical was found in code-projects Restaurant Order System 1.0. This vulnerability affects unknown code of the file /order.php. The manipulation of the argument tabidNoti leads to sql injection. The attack can be initiated remotely. The exploit has…

  • CVE-2026-5330MedApr 2, 2026
    risk 0.42cvss 6.5epss 0.00

    A vulnerability was found in SourceCodester/mayuri_k Best Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=delete_user of the component User Delete Handler. Performing a manipulation of the argument ID results in…

  • CVE-2026-4533MedMar 22, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was detected in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file all-tickets.php. The manipulation of the argument Status results in sql injection. It is possible to launch the attack remotely. The…

  • CVE-2026-3745MedMar 8, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in code-projects Student Web Portal 1.0. Affected is an unknown function of the file profile.php. The manipulation of the argument User results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used.

  • CVE-2025-14834MedDec 17, 2025
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in code-projects Simple Stock System 1.0. This affects an unknown function of the file /checkuser.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be launched remotely. The exploit has been made…

  • CVE-2025-14589MedDec 13, 2025
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php. Executing a manipulation of the argument keyname can lead to sql injection. The attack may be performed from remote. The…

  • CVE-2025-14230MedDec 8, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was detected in code-projects Daily Time Recording System 4.5.0. The impacted element is an unknown function of the file /admin/add_payroll.php. Performing manipulation of the argument detail_Id results in sql injection. The attack can be initiated remotely. The…

  • CVE-2025-14222MedDec 8, 2025
    risk 0.41cvss 6.3epss 0.00

    A flaw has been found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file /print_personnel_report.php. This manipulation of the argument per_id causes sql injection. The attack may be initiated remotely. The exploit has been…

  • CVE-2025-14203MedDec 7, 2025
    risk 0.41cvss 6.3epss 0.00

    A flaw has been found in code-projects Question Paper Generator up to 1.0. This vulnerability affects unknown code of the file /selectquestionuser.php. This manipulation of the argument subid causes sql injection. Remote exploitation of the attack is possible. The exploit has…

  • CVE-2025-14195MedDec 7, 2025
    risk 0.41cvss 6.3epss 0.00

    A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/add_file_query.php. The manipulation of the argument per_file results in unrestricted upload. The attack may be launched remotely.…

  • CVE-2025-14193MedDec 7, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was determined in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file /view_personnel.php. Executing a manipulation of the argument per_id can lead to sql injection. The attack can be launched remotely. The…

  • CVE-2025-13396MedNov 19, 2025
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in code-projects Courier Management System 1.0. This affects an unknown function of the file /add-office.php. This manipulation of the argument OfficeName causes sql injection. The attack may be initiated remotely. The exploit has been made…

  • CVE-2025-13303MedNov 17, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was determined in code-projects Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /search-edit.php. This manipulation of the argument Consignment causes sql injection. The attack can be initiated remotely. The exploit…

  • CVE-2025-12263MedOct 27, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was identified in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /edit_judge.php. The manipulation of the argument judge_id leads to sql injection. The attack may be initiated remotely. The exploit is publicly available…

  • CVE-2025-12262MedOct 27, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was determined in code-projects Online Event Judging System 1.0. This impacts an unknown function of the file /edit_criteria.php. Executing manipulation of the argument crit_id can lead to sql injection. The attack can be launched remotely. The exploit has been…

  • CVE-2025-12256MedOct 27, 2025
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in code-projects Online Event Judging System 1.0. This vulnerability affects unknown code of the file /edit_contestant.php. Executing manipulation of the argument contestant_id can lead to sql injection. The attack can be executed remotely. The…

  • CVE-2025-12255MedOct 27, 2025
    risk 0.41cvss 6.3epss 0.00

    A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown part of the file /add_contestant.php. Performing manipulation of the argument fullname results in sql injection. Remote exploitation of the attack is possible. The…

  • CVE-2025-12254MedOct 27, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was identified in code-projects Online Event Judging System 1.0. Affected by this issue is some unknown functionality of the file /add_judge.php. Such manipulation of the argument fullname leads to sql injection. The attack may be launched remotely. The exploit…

  • CVE-2025-12252MedOct 27, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /ajax/action.php. The manipulation of the argument content results in sql injection. The attack can be launched remotely. The exploit has been made public and…

  • CVE-2025-11553MedOct 9, 2025
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in code-projects Courier Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-courier.php. Executing manipulation of the argument Shippername can lead to sql injection. The attack can be launched…

  • CVE-2025-11551MedOct 9, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was determined in code-projects Student Result Manager 1.0. This affects an unknown function of the file src/students/Database.java. This manipulation of the argument roll/name/gpa causes sql injection. It is possible to initiate the attack remotely. The exploit…

  • CVE-2025-8165MedJul 25, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in code-projects Food Review System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/approve_reservation.php. The manipulation of the argument occasion leads to sql injection. The attack may be initiated…

  • CVE-2025-8018MedJul 22, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in code-projects Food Ordering Review System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /user/reservation_page.php. The manipulation of the argument reg_Id leads to sql injection. The…

  • CVE-2025-7181MedJul 8, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability, which was classified as critical, was found in code-projects Staff Audit System 1.0. Affected is an unknown function of the file /test.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to launch the attack remotely.…

  • CVE-2025-6890MedJun 30, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in code-projects Movie Ticketing System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /ticketConfirmation.php. The manipulation of the argument Date leads to sql injection. The attack may be initiated…

  • CVE-2025-6884MedJun 30, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /search_index.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated…

  • CVE-2025-6883MedJun 30, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability classified as critical was found in code-projects Staff Audit System 1.0. This vulnerability affects unknown code of the file /update_index.php. The manipulation of the argument updateid leads to sql injection. The attack can be initiated remotely. The exploit…

  • CVE-2025-6122MedJun 16, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability, which was classified as critical, was found in code-projects Restaurant Order System 1.0. This affects an unknown part of the file /table.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit…

  • CVE-2026-4532MedMar 22, 2026
    risk 0.34cvss 5.3epss 0.00

    A security vulnerability has been detected in code-projects Simple Food Ordering System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /food/sql/food.sql of the component Database Backup Handler. The manipulation leads to files or directories…

  • CVE-2026-3711MedMar 8, 2026
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was detected in code-projects Simple Flight Ticket Booking System 1.0. Affected is an unknown function of the file /Adminupdate.php. The manipulation of the argument flightno/airplaneid/departure/dtime/arrival/atime/ec/ep/bc/bp results in sql injection. The…

  • CVE-2026-3710MedMar 8, 2026
    risk 0.31cvss 4.7epss 0.00

    A security vulnerability has been detected in code-projects Simple Flight Ticket Booking System 1.0. This impacts an unknown function of the file /Adminadd.php. The manipulation of the argument flightno/airplaneid/departure/dtime/arrival/atime/ec/ep/bc/bp leads to sql injection.…

  • CVE-2026-0850MedJan 11, 2026
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was determined in code-projects Intern Membership Management System 1.0. Impacted is an unknown function of the file /admin/delete_activity.php. Executing a manipulation of the argument activity_id can lead to sql injection. The attack may be launched remotely.…

  • CVE-2026-0729MedJan 8, 2026
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was detected in code-projects Intern Membership Management System 1.0. Impacted is an unknown function of the file /intern/admin/add_activity.php. Performing a manipulation of the argument Title results in sql injection. Remote exploitation of the attack is…