Code Projects
Products
121- 64 CVEs
- 57 CVEs
- 53 CVEs
- 47 CVEs
- 41 CVEs
- 38 CVEs
- 36 CVEs
- 34 CVEs
- 33 CVEs
- 27 CVEs
- 26 CVEs
- 24 CVEs
- 23 CVEs
- 23 CVEs
- 21 CVEs
- 21 CVEs
- 21 CVEs
- 20 CVEs
- 20 CVEs
- 19 CVEs
- 19 CVEs
- 18 CVEs
- 18 CVEs
- 16 CVEs
- 16 CVEs
- 15 CVEs
- 14 CVEs
- 14 CVEs
- 14 CVEs
- 13 CVEs
- View all 121 products →
Recent CVEs
1,152| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-4826 | Cri | 0.64 | 9.8 | 0.00 | May 16, 2024 | SQL injection vulnerability in Simple PHP Shopping Cart affecting version 0.9. This vulnerability could allow an attacker to retrieve all the information stored in the database by sending a specially crafted SQL query, due to the lack of proper sanitisation of the category_id… | ||
| CVE-2026-7503 | Hig | 0.57 | 8.8 | 0.00 | Apr 30, 2026 | A vulnerability was detected in code-projects for Plugin 4.1.2cu.5137. The impacted element is the function setWiFiMultipleConfig in the library /lib/cste_modules/wireless.so of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument wepkey2 results in buffer overflow.… | ||
| CVE-2025-5906 | Hig | 0.48 | 7.3 | 0.01 | Jun 10, 2025 | A vulnerability classified as critical has been found in code-projects Laundry System 1.0. This affects an unknown part of the file /data/. The manipulation leads to missing authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the… | ||
| CVE-2026-11490 | Hig | 0.47 | 7.3 | 0.00 | Jun 8, 2026 | A vulnerability was determined in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Frontend/Search.php. This manipulation of the argument Category causes sql injection. It is possible to initiate the attack remotely. The exploit has… | ||
| CVE-2026-11489 | Hig | 0.47 | 7.3 | 0.00 | Jun 8, 2026 | A vulnerability was found in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminDeleteAlbum.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit has… | ||
| CVE-2026-11488 | Hig | 0.47 | 7.3 | 0.00 | Jun 8, 2026 | A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file checkUser.php of the component POST Parameter Handler. The manipulation of the argument Username leads to sql injection. The attack is possible to be… | ||
| CVE-2026-11344 | Hig | 0.47 | 7.3 | 0.00 | Jun 5, 2026 | A vulnerability was found in code-projects Vehicle Management System 1.0. This impacts an unknown function of the file newdriver.php of the component New Driver Registration Form. Performing a manipulation of the argument photo results in unrestricted upload. The attack may be… | ||
| CVE-2026-11342 | Hig | 0.47 | 7.3 | 0.00 | Jun 5, 2026 | A vulnerability has been found in code-projects Hotel and Tourism Reservation System 1.0. This affects an unknown function of the file /details.php. Such manipulation of the argument room leads to sql injection. The attack can be launched remotely. The exploit has been disclosed… | ||
| CVE-2026-10620 | Hig | 0.47 | 7.3 | 0.00 | Jun 2, 2026 | A flaw has been found in code-projects Student Admission System 1.0. Affected is an unknown function of the file /index.php. This manipulation of the argument eid/did causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may… | ||
| CVE-2026-10290 | Hig | 0.47 | 7.3 | 0.00 | Jun 1, 2026 | A weakness has been identified in code-projects Hotel and Tourism Reservation System 1.0. The affected element is an unknown function of the file tour.php of the component GET Parameter Handler. Executing a manipulation of the argument tour can lead to sql injection. The attack… | ||
| CVE-2026-10288 | Hig | 0.47 | 7.3 | 0.01 | Jun 1, 2026 | A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function password_verify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is… | ||
| CVE-2026-10262 | Hig | 0.47 | 7.3 | 0.00 | Jun 1, 2026 | A vulnerability has been found in code-projects Real State Services 1.0. This impacts an unknown function of the file /loginuser.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has… | ||
| CVE-2026-10243 | Hig | 0.47 | 7.3 | 0.01 | Jun 1, 2026 | A security vulnerability has been detected in code-projects Smart Parking System 1.0. Affected is an unknown function of the component Admin Endpoint. Such manipulation leads to missing authentication. It is possible to launch the attack remotely. The exploit has been disclosed… | ||
| CVE-2026-10208 | Hig | 0.47 | 7.3 | 0.00 | Jun 1, 2026 | A flaw has been found in code-projects Online Hospital Management System 1.php. This impacts the function login_user of the file login_1.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely. The exploit has been… | ||
| CVE-2026-10186 | Hig | 0.47 | 7.3 | 0.00 | May 31, 2026 | A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipulation of the argument editid leads to sql injection. The attack can be executed… | ||
| CVE-2026-10185 | Hig | 0.47 | 7.3 | 0.00 | May 31, 2026 | A weakness has been identified in SourceCodester Hospitals Patient Records Management System 1.0. Affected is an unknown function of the file /classes/Users.php?f=save. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The… | ||
| CVE-2026-10178 | Hig | 0.47 | 7.3 | 0.00 | May 31, 2026 | A vulnerability was detected in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminEditAlbum.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is… | ||
| CVE-2026-10110 | Hig | 0.47 | 7.3 | 0.00 | May 30, 2026 | A vulnerability was detected in code-projects Student Details Management System 1.0. This affects an unknown function of the file /index.php. Performing a manipulation of the argument roll results in sql injection. The attack is possible to be carried out remotely. The exploit… | ||
| CVE-2026-8098 | Hig | 0.47 | 7.3 | 0.00 | May 7, 2026 | A security vulnerability has been detected in code-projects Feedback System 1.0. Impacted is an unknown function of the file /admin/checklogin.php. Such manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been… | ||
| CVE-2026-7632 | Hig | 0.47 | 7.3 | 0.00 | May 2, 2026 | A vulnerability was determined in code-projects Online Hospital Management System 1.0. This affects an unknown function of the file /viewappointment.php. This manipulation of the argument delid causes sql injection. The attack is possible to be carried out remotely. The exploit… |
- risk 0.64cvss 9.8epss 0.00
SQL injection vulnerability in Simple PHP Shopping Cart affecting version 0.9. This vulnerability could allow an attacker to retrieve all the information stored in the database by sending a specially crafted SQL query, due to the lack of proper sanitisation of the category_id…
- risk 0.57cvss 8.8epss 0.00
A vulnerability was detected in code-projects for Plugin 4.1.2cu.5137. The impacted element is the function setWiFiMultipleConfig in the library /lib/cste_modules/wireless.so of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument wepkey2 results in buffer overflow.…
- risk 0.48cvss 7.3epss 0.01
A vulnerability classified as critical has been found in code-projects Laundry System 1.0. This affects an unknown part of the file /data/. The manipulation leads to missing authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was determined in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Frontend/Search.php. This manipulation of the argument Category causes sql injection. It is possible to initiate the attack remotely. The exploit has…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was found in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminDeleteAlbum.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit has…
- risk 0.47cvss 7.3epss 0.00
A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file checkUser.php of the component POST Parameter Handler. The manipulation of the argument Username leads to sql injection. The attack is possible to be…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was found in code-projects Vehicle Management System 1.0. This impacts an unknown function of the file newdriver.php of the component New Driver Registration Form. Performing a manipulation of the argument photo results in unrestricted upload. The attack may be…
- risk 0.47cvss 7.3epss 0.00
A vulnerability has been found in code-projects Hotel and Tourism Reservation System 1.0. This affects an unknown function of the file /details.php. Such manipulation of the argument room leads to sql injection. The attack can be launched remotely. The exploit has been disclosed…
- risk 0.47cvss 7.3epss 0.00
A flaw has been found in code-projects Student Admission System 1.0. Affected is an unknown function of the file /index.php. This manipulation of the argument eid/did causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may…
- risk 0.47cvss 7.3epss 0.00
A weakness has been identified in code-projects Hotel and Tourism Reservation System 1.0. The affected element is an unknown function of the file tour.php of the component GET Parameter Handler. Executing a manipulation of the argument tour can lead to sql injection. The attack…
- risk 0.47cvss 7.3epss 0.01
A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function password_verify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is…
- risk 0.47cvss 7.3epss 0.00
A vulnerability has been found in code-projects Real State Services 1.0. This impacts an unknown function of the file /loginuser.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has…
- risk 0.47cvss 7.3epss 0.01
A security vulnerability has been detected in code-projects Smart Parking System 1.0. Affected is an unknown function of the component Admin Endpoint. Such manipulation leads to missing authentication. It is possible to launch the attack remotely. The exploit has been disclosed…
- risk 0.47cvss 7.3epss 0.00
A flaw has been found in code-projects Online Hospital Management System 1.php. This impacts the function login_user of the file login_1.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely. The exploit has been…
- risk 0.47cvss 7.3epss 0.00
A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipulation of the argument editid leads to sql injection. The attack can be executed…
- risk 0.47cvss 7.3epss 0.00
A weakness has been identified in SourceCodester Hospitals Patient Records Management System 1.0. Affected is an unknown function of the file /classes/Users.php?f=save. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was detected in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminEditAlbum.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was detected in code-projects Student Details Management System 1.0. This affects an unknown function of the file /index.php. Performing a manipulation of the argument roll results in sql injection. The attack is possible to be carried out remotely. The exploit…
- risk 0.47cvss 7.3epss 0.00
A security vulnerability has been detected in code-projects Feedback System 1.0. Impacted is an unknown function of the file /admin/checklogin.php. Such manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was determined in code-projects Online Hospital Management System 1.0. This affects an unknown function of the file /viewappointment.php. This manipulation of the argument delid causes sql injection. The attack is possible to be carried out remotely. The exploit…