VYPR

Vendor CVEs

Code Projects

All CVEs

1,152 total · sorted by risk
  • CVE-2024-4826CriMay 16, 2024
    risk 0.64cvss 9.8epss 0.00

    SQL injection vulnerability in Simple PHP Shopping Cart affecting version 0.9. This vulnerability could allow an attacker to retrieve all the information stored in the database by sending a specially crafted SQL query, due to the lack of proper sanitisation of the category_id…

  • CVE-2026-7503HigApr 30, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was detected in code-projects for Plugin 4.1.2cu.5137. The impacted element is the function setWiFiMultipleConfig in the library /lib/cste_modules/wireless.so of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument wepkey2 results in buffer overflow.…

  • CVE-2025-5906HigJun 10, 2025
    risk 0.48cvss 7.3epss 0.01

    A vulnerability classified as critical has been found in code-projects Laundry System 1.0. This affects an unknown part of the file /data/. The manipulation leads to missing authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the…

  • CVE-2026-11490HigJun 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Frontend/Search.php. This manipulation of the argument Category causes sql injection. It is possible to initiate the attack remotely. The exploit has…

  • CVE-2026-11489HigJun 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminDeleteAlbum.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit has…

  • CVE-2026-11488HigJun 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file checkUser.php of the component POST Parameter Handler. The manipulation of the argument Username leads to sql injection. The attack is possible to be…

  • CVE-2026-11344HigJun 5, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Vehicle Management System 1.0. This impacts an unknown function of the file newdriver.php of the component New Driver Registration Form. Performing a manipulation of the argument photo results in unrestricted upload. The attack may be…

  • CVE-2026-11342HigJun 5, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in code-projects Hotel and Tourism Reservation System 1.0. This affects an unknown function of the file /details.php. Such manipulation of the argument room leads to sql injection. The attack can be launched remotely. The exploit has been disclosed…

  • CVE-2026-10620HigJun 2, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in code-projects Student Admission System 1.0. Affected is an unknown function of the file /index.php. This manipulation of the argument eid/did causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may…

  • CVE-2026-10290HigJun 1, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in code-projects Hotel and Tourism Reservation System 1.0. The affected element is an unknown function of the file tour.php of the component GET Parameter Handler. Executing a manipulation of the argument tour can lead to sql injection. The attack…

  • CVE-2026-10288HigJun 1, 2026
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function password_verify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is…

  • CVE-2026-10262HigJun 1, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in code-projects Real State Services 1.0. This impacts an unknown function of the file /loginuser.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has…

  • CVE-2026-10243HigJun 1, 2026
    risk 0.47cvss 7.3epss 0.01

    A security vulnerability has been detected in code-projects Smart Parking System 1.0. Affected is an unknown function of the component Admin Endpoint. Such manipulation leads to missing authentication. It is possible to launch the attack remotely. The exploit has been disclosed…

  • CVE-2026-10208HigJun 1, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in code-projects Online Hospital Management System 1.php. This impacts the function login_user of the file login_1.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely. The exploit has been…

  • CVE-2026-10186HigMay 31, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipulation of the argument editid leads to sql injection. The attack can be executed…

  • CVE-2026-10185HigMay 31, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in SourceCodester Hospitals Patient Records Management System 1.0. Affected is an unknown function of the file /classes/Users.php?f=save. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The…

  • CVE-2026-10178HigMay 31, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminEditAlbum.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is…

  • CVE-2026-10110HigMay 30, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in code-projects Student Details Management System 1.0. This affects an unknown function of the file /index.php. Performing a manipulation of the argument roll results in sql injection. The attack is possible to be carried out remotely. The exploit…

  • CVE-2026-8098HigMay 7, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in code-projects Feedback System 1.0. Impacted is an unknown function of the file /admin/checklogin.php. Such manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been…

  • CVE-2026-7632HigMay 2, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in code-projects Online Hospital Management System 1.0. This affects an unknown function of the file /viewappointment.php. This manipulation of the argument delid causes sql injection. The attack is possible to be carried out remotely. The exploit…

  • CVE-2026-7131HigApr 27, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in code-projects Online Lot Reservation System up to 1.0. The impacted element is an unknown function of the file /loginuser.php. The manipulation of the argument email/password leads to sql injection. It is possible to initiate the attack…

  • CVE-2026-7070HigApr 27, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in code-projects Inventory Management System 1.0. Affected is an unknown function of the component Login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made…

  • CVE-2026-7063HigApr 26, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file /370project/process/eprocess.php of the component Endpoint. Performing a manipulation of the argument pwd results in sql injection. The attack is…

  • CVE-2026-6183HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in code-projects Simple Content Management System 1.0. Affected by this issue is some unknown functionality of the file /web/index.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is…

  • CVE-2026-6182HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in code-projects Simple Content Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /web/admin/login.php. Such manipulation of the argument User leads to sql injection. The attack may be launched remotely.…

  • CVE-2026-6167HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in code-projects Faculty Management System 1.0. Impacted is an unknown function of the file /subject-print.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be…

  • CVE-2026-6166HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in code-projects Vehicle Showroom Management System 1.0. This issue affects some unknown processing of the file /util/UpdateVehicleFunction.php. The manipulation of the argument VEHICLE_ID leads to sql injection. The attack may be…

  • CVE-2026-6165HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/Login_check.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The…

  • CVE-2026-6164HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in code-projects Lost and Found Thing Management 1.0. This affects an unknown part of the file /addcat.php. Performing a manipulation of the argument cata results in sql injection. The attack can be initiated remotely. The exploit has been…

  • CVE-2026-6163HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in code-projects Lost and Found Thing Management 1.0. Affected by this issue is some unknown functionality of the file /catageory.php. Such manipulation of the argument cat leads to sql injection. It is possible to launch the attack remotely. The…

  • CVE-2026-6161HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in code-projects Simple ChatBox up to 1.0. This affects an unknown part of the file /chatbox/insert.php of the component Endpoint. Executing a manipulation of the argument msg can lead to sql injection. It is possible to launch the attack remotely.…

  • CVE-2026-6153HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in code-projects Vehicle Showroom Management System 1.0. Impacted is an unknown function of the file /util/StaffDetailsFunction.php. Such manipulation of the argument STAFF_ID leads to sql injection. The attack can be launched remotely. The exploit…

  • CVE-2026-6152HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This issue affects some unknown processing of the file /util/StaffAddingFunction.php. This manipulation of the argument STAFF_ID causes sql injection. The attack can be initiated remotely.…

  • CVE-2026-6151HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of the argument CUSTOMER_ID results in sql injection. It is possible to launch the attack…

  • CVE-2026-6148HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in code-projects Vehicle Showroom Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /util/MonthTotalReportUpdateFunction.php. Performing a manipulation of the argument BRANCH_ID results in sql injection.…

  • CVE-2026-6038HigApr 10, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in code-projects Vehicle Showroom Management System 1.0. This impacts an unknown function of the file /util/RegisterCustomerFunction.php. Such manipulation of the argument BRANCH_ID leads to sql injection. The attack may be performed from remote.…

  • CVE-2026-6037HigApr 10, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This affects an unknown function of the file /util/AddVehicleFunction.php. This manipulation of the argument BRANCH_ID causes sql injection. The attack is possible to be carried out remotely.…

  • CVE-2026-6036HigApr 10, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. The impacted element is an unknown function of the file /util/VehicleDetailsFunction.php. The manipulation of the argument VEHICLE_ID results in sql injection. The attack can be executed remotely.…

  • CVE-2026-6031HigApr 10, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in code-projects Simple IT Discussion Forum 1.0. This affects an unknown function of the file /add-category-function.php. Such manipulation of the argument Category leads to sql injection. The attack can be executed remotely. The exploit has been…

  • CVE-2026-6004HigApr 10, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in code-projects Simple IT Discussion Forum 1.0. Impacted is an unknown function of the file /delete-category.php. Performing a manipulation of the argument cat_id results in sql injection. It is possible to initiate the attack remotely. The exploit…

  • CVE-2026-5985HigApr 9, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in code-projects Simple IT Discussion Forum 1.0. The affected element is an unknown function of the file /crud.php. The manipulation of the argument user_Id results in sql injection. The attack may be performed from remote. The exploit has…

  • CVE-2026-5829HigApr 9, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in code-projects Simple IT Discussion Forum 1.0. The impacted element is an unknown function of the file /pages/content.php. This manipulation of the argument post_id causes sql injection. Remote exploitation of the attack is possible. The exploit…

  • CVE-2026-5828HigApr 9, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Simple IT Discussion Forum 1.0. The affected element is an unknown function of the file /functions/addcomment.php. The manipulation of the argument postid results in sql injection. The attack may be launched remotely. The exploit has…

  • CVE-2026-5827HigApr 9, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in code-projects Simple IT Discussion Forum 1.0. Impacted is an unknown function of the file /question-function.php. The manipulation of the argument content leads to sql injection. The attack may be initiated remotely. The exploit has been…

  • CVE-2026-5824HigApr 9, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /userchecklogin.php. Such manipulation of the argument userid leads to sql injection. It is possible to launch the attack remotely. The exploit has…

  • CVE-2026-5805HigApr 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in code-projects Easy Blog Site up to 1.0. The impacted element is an unknown function of the file /users/contact_us.php. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The exploit has…

  • CVE-2026-5672HigApr 6, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in code-projects Simple IT Discussion Forum 1.0. Affected by this issue is some unknown functionality of the file /edit-category.php of the component Parameter Handler. The manipulation of the argument cat_id leads to sql injection. It is possible…

  • CVE-2026-5648HigApr 6, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /userfinishregister.php of the component Parameter Handler. This manipulation of the argument firstName causes sql injection. Remote exploitation of the attack…

  • CVE-2026-5565HigApr 5, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in code-projects Simple Laundry System 1.0. Affected by this issue is some unknown functionality of the file /delmemberinfo.php of the component Parameter Handler. Such manipulation of the argument userid leads to sql injection. The…

  • CVE-2026-5564HigApr 5, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in code-projects Simple Laundry System 1.0. Affected by this vulnerability is an unknown functionality of the file /searchguest.php of the component Parameter Handler. This manipulation of the argument searchServiceId causes sql injection. The…

Page 1 of 24