Vendor CVEs
Code Projects
All CVEs
1,152 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-8218 | 0.00 | — | 0.01 | Aug 27, 2024 | A vulnerability was found in code-projects Online Quiz Site 1.0 and classified as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument loginid leads to sql injection. The attack may be initiated remotely. The exploit has… | |||
| CVE-2024-8174 | 0.00 | — | 0.01 | Aug 26, 2024 | A vulnerability has been found in code-projects Blood Bank System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login.php of the component Login Page. The manipulation of the argument user leads to cross site… | |||
| CVE-2024-8173 | 0.00 | — | 0.01 | Aug 26, 2024 | A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file /login.php of the component Login Page. The manipulation of the argument user leads to sql injection. It is possible to launch the… | |||
| CVE-2024-8169 | 0.00 | — | 0.01 | Aug 26, 2024 | A vulnerability was found in code-projects Online Quiz Site 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file signupuser.php. The manipulation of the argument lid leads to sql injection. The attack may be launched remotely. The… | |||
| CVE-2024-8168 | 0.00 | — | 0.01 | Aug 26, 2024 | A vulnerability was found in code-projects Online Bus Reservation Site 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument Username leads to sql injection. The attack can be… | |||
| CVE-2024-8147 | 0.00 | — | 0.01 | Aug 25, 2024 | A vulnerability was found in code-projects Pharmacy Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /index.php?action=editPharmacist. The manipulation of the argument id leads to sql injection. The attack may be initiated… | |||
| CVE-2024-8146 | 0.00 | — | 0.01 | Aug 25, 2024 | A vulnerability has been found in code-projects Pharmacy Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /index.php?action=editSalesman. The manipulation of the argument id leads to sql injection. The attack can be initiated… | |||
| CVE-2024-8138 | 0.00 | — | 0.01 | Aug 25, 2024 | A vulnerability, which was classified as critical, was found in code-projects Pharmacy Management System 1.0. Affected is the function editManager of the file /index.php?action=editManager of the component Parameter Handler. The manipulation of the argument id as part of String… | |||
| CVE-2024-7937 | 0.00 | — | 0.01 | Aug 20, 2024 | A vulnerability classified as critical was found in itsourcecode Project Expense Monitoring System 1.0. This vulnerability affects unknown code of the file printtransfer.php. The manipulation of the argument transfer_id leads to sql injection. The attack can be initiated… | |||
| CVE-2024-7936 | 0.00 | — | 0.01 | Aug 19, 2024 | A vulnerability classified as critical has been found in itsourcecode Project Expense Monitoring System 1.0. This affects an unknown part of the file transferred_report.php. The manipulation of the argument start/end/employee leads to sql injection. It is possible to initiate… | |||
| CVE-2024-7935 | 0.00 | — | 0.00 | Aug 19, 2024 | A vulnerability was found in itsourcecode Project Expense Monitoring System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file print.php. The manipulation of the argument map_id leads to sql injection. The attack may be launched… | |||
| CVE-2024-7934 | 0.00 | — | 0.00 | Aug 19, 2024 | A vulnerability was found in itsourcecode Project Expense Monitoring System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file execute.php. The manipulation of the argument code leads to sql injection. The attack can be… | |||
| CVE-2024-7933 | 0.00 | — | 0.01 | Aug 19, 2024 | A vulnerability was found in itsourcecode Project Expense Monitoring System 1.0. It has been classified as critical. Affected is an unknown function of the file login1.php of the component Backend Login. The manipulation of the argument user leads to sql injection. It is… | |||
| CVE-2024-7681 | 0.00 | — | 0.01 | Aug 11, 2024 | A vulnerability was found in code-projects College Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php of the component Login Page. The manipulation of the argument email/password leads to sql injection. The… | |||
| CVE-2024-7637 | 0.00 | — | 0.01 | Aug 9, 2024 | A vulnerability was found in code-projects Online Polling 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file registeracc.php of the component Registration. The manipulation of the argument email leads to sql injection. The attack… | |||
| CVE-2024-7636 | 0.00 | — | 0.01 | Aug 9, 2024 | A vulnerability was found in code-projects Simple Ticket Booking 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file authenticate.php of the component Login. The manipulation of the argument email/password leads to sql… | |||
| CVE-2024-7635 | 0.00 | — | 0.01 | Aug 9, 2024 | A vulnerability was found in code-projects Simple Ticket Booking 1.0. It has been classified as critical. Affected is an unknown function of the file register_insert.php of the component Registration Handler. The manipulation of the argument name/email/dob/password/Gender/phone… | |||
| CVE-2024-7311 | 0.00 | — | 0.01 | Jul 31, 2024 | A vulnerability was found in code-projects Online Bus Reservation Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file register.php. The manipulation of the argument Email leads to sql injection. The attack may be initiated remotely.… | |||
| CVE-2024-6745 | 0.00 | — | 0.01 | Jul 15, 2024 | A vulnerability classified as critical has been found in code-projects Simple Ticket Booking 1.0. Affected is an unknown function of the file adminauthenticate.php of the component Login. The manipulation of the argument email/password leads to sql injection. It is possible to… | |||
| CVE-2024-29319 | 0.00 | — | 0.00 | Jul 5, 2024 | Volmarg Personal Management System 1.4.64 is vulnerable to SSRF (Server Side Request Forgery) via uploading a SVG file. The server can make unintended HTTP and DNS requests to a server that the attacker controls. | |||
| CVE-2024-29318 | 0.00 | — | 0.00 | Jul 5, 2024 | Volmarg Personal Management System 1.4.64 is vulnerable to stored cross site scripting (XSS) via upload of a SVG file with embedded javascript code. | |||
| CVE-2024-37803 | 0.00 | — | 0.00 | Jun 18, 2024 | Multiple stored cross-site scripting (XSS) vulnerabilities in CodeProjects Health Care hospital Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname and lname parameters under the Staff Info page. | |||
| CVE-2024-37799 | 0.00 | — | 0.00 | Jun 18, 2024 | CodeProjects Restaurant Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the reserv_id parameter at view_reservations.php. | |||
| CVE-2024-38347 | 0.00 | — | 0.01 | Jun 18, 2024 | CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Room Information module via the id parameter. | |||
| CVE-2024-38348 | 0.00 | — | 0.00 | Jun 18, 2024 | CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Staff Info module via the searvalu parameter. | |||
| CVE-2024-37800 | 0.00 | — | 0.00 | Jun 18, 2024 | CodeProjects Restaurant Reservation System v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Date parameter at index.php. | |||
| CVE-2024-37802 | 0.00 | — | 0.01 | Jun 18, 2024 | CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Patient Info module via the searvalu parameter. | |||
| CVE-2024-5049 | 0.00 | — | 0.01 | May 17, 2024 | A vulnerability, which was classified as critical, has been found in Codezips E-Commerce Site 1.0. Affected by this issue is some unknown functionality of the file admin/editproduct.php. The manipulation of the argument profilepic leads to unrestricted upload. The attack may be… | |||
| CVE-2024-5048 | 0.00 | — | 0.01 | May 17, 2024 | A vulnerability classified as critical was found in code-projects Budget Management 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument edit leads to sql injection. The attack can be launched remotely. The… | |||
| CVE-2024-4975 | 0.00 | — | 0.00 | May 16, 2024 | A vulnerability, which was classified as problematic, has been found in code-projects Simple Chat System 1.0. This issue affects some unknown processing of the component Message Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The… | |||
| CVE-2024-4974 | 0.00 | — | 0.00 | May 16, 2024 | A vulnerability, which was classified as problematic, was found in code-projects Simple Chat System 1.0. Affected is an unknown function of the file /register.php. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack remotely.… | |||
| CVE-2024-4973 | 0.00 | — | 0.01 | May 16, 2024 | A vulnerability classified as critical was found in code-projects Simple Chat System 1.0. This vulnerability affects unknown code of the file /register.php. The manipulation of the argument name/number/address leads to sql injection. The attack can be initiated remotely. The… | |||
| CVE-2024-4972 | 0.00 | — | 0.01 | May 16, 2024 | A vulnerability classified as critical has been found in code-projects Simple Chat System 1.0. This affects an unknown part of the file /login.php. The manipulation of the argument email/password leads to sql injection. It is possible to initiate the attack remotely. The exploit… | |||
| CVE-2024-4923 | 0.00 | — | 0.01 | May 16, 2024 | A vulnerability has been found in Codezips E-Commerce Site 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/addproduct.php. The manipulation of the argument profilepic leads to unrestricted upload. The attack can be initiated remotely.… | |||
| CVE-2024-34955 | 0.00 | — | 0.01 | May 15, 2024 | Code-projects Budget Management 1.0 is vulnerable to SQL Injection via the delete parameter. | |||
| CVE-2024-34954 | 0.00 | — | 0.00 | May 15, 2024 | Code-projects Budget Management 1.0 is vulnerable to Cross Site Scripting (XSS) via the budget parameter. | |||
| CVE-2024-31610 | 0.00 | — | 0.00 | Apr 25, 2024 | File Upload vulnerability in the function for employees to upload avatars in Code-Projects Simple School Management System v1.0 allows attackers to run arbitrary code via upload of crafted file. | |||
| CVE-2024-3948 | 0.00 | — | 0.01 | Apr 18, 2024 | A vulnerability was found in SourceCodester Home Clean Service System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file \admin\student.add.php of the component Photo Handler. The manipulation leads to unrestricted upload. The… | |||
| CVE-2024-30849 | 0.00 | — | 0.01 | Apr 5, 2024 | Arbitrary file upload vulnerability in Sourcecodester Complete E-Commerce Site v1.0, allows remote attackers to execute arbitrary code via filename parameter in admin/products_photo.php. | |||
| CVE-2024-3004 | 0.00 | — | 0.01 | Mar 27, 2024 | A vulnerability was found in code-projects Online Book System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /Product.php. The manipulation of the argument value leads to cross site scripting. The attack may be launched… | |||
| CVE-2024-3003 | 0.00 | — | 0.01 | Mar 27, 2024 | A vulnerability has been found in code-projects Online Book System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /cart.php. The manipulation of the argument quantity/remove leads to sql injection. The attack can be… | |||
| CVE-2024-3002 | 0.00 | — | 0.01 | Mar 27, 2024 | A vulnerability, which was classified as critical, was found in code-projects Online Book System 1.0. Affected is an unknown function of the file /description.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The… | |||
| CVE-2024-3001 | 0.00 | — | 0.01 | Mar 27, 2024 | A vulnerability, which was classified as critical, has been found in code-projects Online Book System 1.0. This issue affects some unknown processing of the file /Product.php. The manipulation of the argument value leads to sql injection. The attack may be initiated remotely.… | |||
| CVE-2024-3000 | 0.00 | — | 0.01 | Mar 27, 2024 | A vulnerability classified as critical was found in code-projects Online Book System 1.0. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument username/password/login_username/login_password leads to sql injection. The attack can be… | |||
| CVE-2024-2754 | 0.00 | — | 0.01 | Mar 21, 2024 | A vulnerability classified as critical has been found in SourceCodester Complete E-Commerce Site 1.0. Affected is an unknown function of the file /admin/users_photo.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack… | |||
| CVE-2024-24105 | 0.00 | — | 0.00 | Mar 13, 2024 | SQL Injection vulnerability in Code-projects Computer Science Time Table System 1.0 allows attackers to run arbitrary code via adminFormvalidation.php. | |||
| CVE-2024-24097 | 0.00 | — | 0.00 | Mar 12, 2024 | Cross Site Scripting (XSS) vulnerability in Code-projects Scholars Tracking System 1.0 allows attackers to run arbitrary code via the News Feed. | |||
| CVE-2024-24101 | 0.00 | — | 0.00 | Mar 12, 2024 | Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Eligibility Information Update. | |||
| CVE-2023-42307 | 0.00 | — | 0.00 | Mar 12, 2024 | Cross Site Scripting (XSS) vulnerability in Code-Projects Exam Form Submission 1.0 allows attackers to run arbitrary code via "Subject Name" and "Subject Code" section. | |||
| CVE-2024-24092 | 0.00 | — | 0.00 | Mar 12, 2024 | SQL Injection vulnerability in Code-projects.org Scholars Tracking System 1.0 allows attackers to run arbitrary code via login.php. |
- CVE-2024-8218Aug 27, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Online Quiz Site 1.0 and classified as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument loginid leads to sql injection. The attack may be initiated remotely. The exploit has…
- CVE-2024-8174Aug 26, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in code-projects Blood Bank System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login.php of the component Login Page. The manipulation of the argument user leads to cross site…
- CVE-2024-8173Aug 26, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file /login.php of the component Login Page. The manipulation of the argument user leads to sql injection. It is possible to launch the…
- CVE-2024-8169Aug 26, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Online Quiz Site 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file signupuser.php. The manipulation of the argument lid leads to sql injection. The attack may be launched remotely. The…
- CVE-2024-8168Aug 26, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Online Bus Reservation Site 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument Username leads to sql injection. The attack can be…
- CVE-2024-8147Aug 25, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Pharmacy Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /index.php?action=editPharmacist. The manipulation of the argument id leads to sql injection. The attack may be initiated…
- CVE-2024-8146Aug 25, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in code-projects Pharmacy Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /index.php?action=editSalesman. The manipulation of the argument id leads to sql injection. The attack can be initiated…
- CVE-2024-8138Aug 25, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, was found in code-projects Pharmacy Management System 1.0. Affected is the function editManager of the file /index.php?action=editManager of the component Parameter Handler. The manipulation of the argument id as part of String…
- CVE-2024-7937Aug 20, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in itsourcecode Project Expense Monitoring System 1.0. This vulnerability affects unknown code of the file printtransfer.php. The manipulation of the argument transfer_id leads to sql injection. The attack can be initiated…
- CVE-2024-7936Aug 19, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in itsourcecode Project Expense Monitoring System 1.0. This affects an unknown part of the file transferred_report.php. The manipulation of the argument start/end/employee leads to sql injection. It is possible to initiate…
- CVE-2024-7935Aug 19, 2024risk 0.00cvss —epss 0.00
A vulnerability was found in itsourcecode Project Expense Monitoring System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file print.php. The manipulation of the argument map_id leads to sql injection. The attack may be launched…
- CVE-2024-7934Aug 19, 2024risk 0.00cvss —epss 0.00
A vulnerability was found in itsourcecode Project Expense Monitoring System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file execute.php. The manipulation of the argument code leads to sql injection. The attack can be…
- CVE-2024-7933Aug 19, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in itsourcecode Project Expense Monitoring System 1.0. It has been classified as critical. Affected is an unknown function of the file login1.php of the component Backend Login. The manipulation of the argument user leads to sql injection. It is…
- CVE-2024-7681Aug 11, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects College Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php of the component Login Page. The manipulation of the argument email/password leads to sql injection. The…
- CVE-2024-7637Aug 9, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Online Polling 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file registeracc.php of the component Registration. The manipulation of the argument email leads to sql injection. The attack…
- CVE-2024-7636Aug 9, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Simple Ticket Booking 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file authenticate.php of the component Login. The manipulation of the argument email/password leads to sql…
- CVE-2024-7635Aug 9, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Simple Ticket Booking 1.0. It has been classified as critical. Affected is an unknown function of the file register_insert.php of the component Registration Handler. The manipulation of the argument name/email/dob/password/Gender/phone…
- CVE-2024-7311Jul 31, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Online Bus Reservation Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file register.php. The manipulation of the argument Email leads to sql injection. The attack may be initiated remotely.…
- CVE-2024-6745Jul 15, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in code-projects Simple Ticket Booking 1.0. Affected is an unknown function of the file adminauthenticate.php of the component Login. The manipulation of the argument email/password leads to sql injection. It is possible to…
- CVE-2024-29319Jul 5, 2024risk 0.00cvss —epss 0.00
Volmarg Personal Management System 1.4.64 is vulnerable to SSRF (Server Side Request Forgery) via uploading a SVG file. The server can make unintended HTTP and DNS requests to a server that the attacker controls.
- CVE-2024-29318Jul 5, 2024risk 0.00cvss —epss 0.00
Volmarg Personal Management System 1.4.64 is vulnerable to stored cross site scripting (XSS) via upload of a SVG file with embedded javascript code.
- CVE-2024-37803Jun 18, 2024risk 0.00cvss —epss 0.00
Multiple stored cross-site scripting (XSS) vulnerabilities in CodeProjects Health Care hospital Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname and lname parameters under the Staff Info page.
- CVE-2024-37799Jun 18, 2024risk 0.00cvss —epss 0.00
CodeProjects Restaurant Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the reserv_id parameter at view_reservations.php.
- CVE-2024-38347Jun 18, 2024risk 0.00cvss —epss 0.01
CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Room Information module via the id parameter.
- CVE-2024-38348Jun 18, 2024risk 0.00cvss —epss 0.00
CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Staff Info module via the searvalu parameter.
- CVE-2024-37800Jun 18, 2024risk 0.00cvss —epss 0.00
CodeProjects Restaurant Reservation System v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Date parameter at index.php.
- CVE-2024-37802Jun 18, 2024risk 0.00cvss —epss 0.01
CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Patient Info module via the searvalu parameter.
- CVE-2024-5049May 17, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, has been found in Codezips E-Commerce Site 1.0. Affected by this issue is some unknown functionality of the file admin/editproduct.php. The manipulation of the argument profilepic leads to unrestricted upload. The attack may be…
- CVE-2024-5048May 17, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in code-projects Budget Management 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument edit leads to sql injection. The attack can be launched remotely. The…
- CVE-2024-4975May 16, 2024risk 0.00cvss —epss 0.00
A vulnerability, which was classified as problematic, has been found in code-projects Simple Chat System 1.0. This issue affects some unknown processing of the component Message Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The…
- CVE-2024-4974May 16, 2024risk 0.00cvss —epss 0.00
A vulnerability, which was classified as problematic, was found in code-projects Simple Chat System 1.0. Affected is an unknown function of the file /register.php. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack remotely.…
- CVE-2024-4973May 16, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in code-projects Simple Chat System 1.0. This vulnerability affects unknown code of the file /register.php. The manipulation of the argument name/number/address leads to sql injection. The attack can be initiated remotely. The…
- CVE-2024-4972May 16, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in code-projects Simple Chat System 1.0. This affects an unknown part of the file /login.php. The manipulation of the argument email/password leads to sql injection. It is possible to initiate the attack remotely. The exploit…
- CVE-2024-4923May 16, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in Codezips E-Commerce Site 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/addproduct.php. The manipulation of the argument profilepic leads to unrestricted upload. The attack can be initiated remotely.…
- CVE-2024-34955May 15, 2024risk 0.00cvss —epss 0.01
Code-projects Budget Management 1.0 is vulnerable to SQL Injection via the delete parameter.
- CVE-2024-34954May 15, 2024risk 0.00cvss —epss 0.00
Code-projects Budget Management 1.0 is vulnerable to Cross Site Scripting (XSS) via the budget parameter.
- CVE-2024-31610Apr 25, 2024risk 0.00cvss —epss 0.00
File Upload vulnerability in the function for employees to upload avatars in Code-Projects Simple School Management System v1.0 allows attackers to run arbitrary code via upload of crafted file.
- CVE-2024-3948Apr 18, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Home Clean Service System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file \admin\student.add.php of the component Photo Handler. The manipulation leads to unrestricted upload. The…
- CVE-2024-30849Apr 5, 2024risk 0.00cvss —epss 0.01
Arbitrary file upload vulnerability in Sourcecodester Complete E-Commerce Site v1.0, allows remote attackers to execute arbitrary code via filename parameter in admin/products_photo.php.
- CVE-2024-3004Mar 27, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Online Book System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /Product.php. The manipulation of the argument value leads to cross site scripting. The attack may be launched…
- CVE-2024-3003Mar 27, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in code-projects Online Book System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /cart.php. The manipulation of the argument quantity/remove leads to sql injection. The attack can be…
- CVE-2024-3002Mar 27, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, was found in code-projects Online Book System 1.0. Affected is an unknown function of the file /description.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The…
- CVE-2024-3001Mar 27, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, has been found in code-projects Online Book System 1.0. This issue affects some unknown processing of the file /Product.php. The manipulation of the argument value leads to sql injection. The attack may be initiated remotely.…
- CVE-2024-3000Mar 27, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in code-projects Online Book System 1.0. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument username/password/login_username/login_password leads to sql injection. The attack can be…
- CVE-2024-2754Mar 21, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in SourceCodester Complete E-Commerce Site 1.0. Affected is an unknown function of the file /admin/users_photo.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack…
- CVE-2024-24105Mar 13, 2024risk 0.00cvss —epss 0.00
SQL Injection vulnerability in Code-projects Computer Science Time Table System 1.0 allows attackers to run arbitrary code via adminFormvalidation.php.
- CVE-2024-24097Mar 12, 2024risk 0.00cvss —epss 0.00
Cross Site Scripting (XSS) vulnerability in Code-projects Scholars Tracking System 1.0 allows attackers to run arbitrary code via the News Feed.
- CVE-2024-24101Mar 12, 2024risk 0.00cvss —epss 0.00
Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Eligibility Information Update.
- CVE-2023-42307Mar 12, 2024risk 0.00cvss —epss 0.00
Cross Site Scripting (XSS) vulnerability in Code-Projects Exam Form Submission 1.0 allows attackers to run arbitrary code via "Subject Name" and "Subject Code" section.
- CVE-2024-24092Mar 12, 2024risk 0.00cvss —epss 0.00
SQL Injection vulnerability in Code-projects.org Scholars Tracking System 1.0 allows attackers to run arbitrary code via login.php.
Page 20 of 24