VYPR

Vendor CVEs

Code Projects

All CVEs

1,152 total · sorted by risk
  • CVE-2024-8218Aug 27, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in code-projects Online Quiz Site 1.0 and classified as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument loginid leads to sql injection. The attack may be initiated remotely. The exploit has…

  • CVE-2024-8174Aug 26, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in code-projects Blood Bank System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login.php of the component Login Page. The manipulation of the argument user leads to cross site…

  • CVE-2024-8173Aug 26, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file /login.php of the component Login Page. The manipulation of the argument user leads to sql injection. It is possible to launch the…

  • CVE-2024-8169Aug 26, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in code-projects Online Quiz Site 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file signupuser.php. The manipulation of the argument lid leads to sql injection. The attack may be launched remotely. The…

  • CVE-2024-8168Aug 26, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in code-projects Online Bus Reservation Site 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument Username leads to sql injection. The attack can be…

  • CVE-2024-8147Aug 25, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in code-projects Pharmacy Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /index.php?action=editPharmacist. The manipulation of the argument id leads to sql injection. The attack may be initiated…

  • CVE-2024-8146Aug 25, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in code-projects Pharmacy Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /index.php?action=editSalesman. The manipulation of the argument id leads to sql injection. The attack can be initiated…

  • CVE-2024-8138Aug 25, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in code-projects Pharmacy Management System 1.0. Affected is the function editManager of the file /index.php?action=editManager of the component Parameter Handler. The manipulation of the argument id as part of String…

  • CVE-2024-7937Aug 20, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in itsourcecode Project Expense Monitoring System 1.0. This vulnerability affects unknown code of the file printtransfer.php. The manipulation of the argument transfer_id leads to sql injection. The attack can be initiated…

  • CVE-2024-7936Aug 19, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in itsourcecode Project Expense Monitoring System 1.0. This affects an unknown part of the file transferred_report.php. The manipulation of the argument start/end/employee leads to sql injection. It is possible to initiate…

  • CVE-2024-7935Aug 19, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in itsourcecode Project Expense Monitoring System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file print.php. The manipulation of the argument map_id leads to sql injection. The attack may be launched…

  • CVE-2024-7934Aug 19, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in itsourcecode Project Expense Monitoring System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file execute.php. The manipulation of the argument code leads to sql injection. The attack can be…

  • CVE-2024-7933Aug 19, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in itsourcecode Project Expense Monitoring System 1.0. It has been classified as critical. Affected is an unknown function of the file login1.php of the component Backend Login. The manipulation of the argument user leads to sql injection. It is…

  • CVE-2024-7681Aug 11, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in code-projects College Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php of the component Login Page. The manipulation of the argument email/password leads to sql injection. The…

  • CVE-2024-7637Aug 9, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in code-projects Online Polling 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file registeracc.php of the component Registration. The manipulation of the argument email leads to sql injection. The attack…

  • CVE-2024-7636Aug 9, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in code-projects Simple Ticket Booking 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file authenticate.php of the component Login. The manipulation of the argument email/password leads to sql…

  • CVE-2024-7635Aug 9, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in code-projects Simple Ticket Booking 1.0. It has been classified as critical. Affected is an unknown function of the file register_insert.php of the component Registration Handler. The manipulation of the argument name/email/dob/password/Gender/phone…

  • CVE-2024-7311Jul 31, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in code-projects Online Bus Reservation Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file register.php. The manipulation of the argument Email leads to sql injection. The attack may be initiated remotely.…

  • CVE-2024-6745Jul 15, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in code-projects Simple Ticket Booking 1.0. Affected is an unknown function of the file adminauthenticate.php of the component Login. The manipulation of the argument email/password leads to sql injection. It is possible to…

  • CVE-2024-29319Jul 5, 2024
    risk 0.00cvss epss 0.00

    Volmarg Personal Management System 1.4.64 is vulnerable to SSRF (Server Side Request Forgery) via uploading a SVG file. The server can make unintended HTTP and DNS requests to a server that the attacker controls.

  • CVE-2024-29318Jul 5, 2024
    risk 0.00cvss epss 0.00

    Volmarg Personal Management System 1.4.64 is vulnerable to stored cross site scripting (XSS) via upload of a SVG file with embedded javascript code.

  • CVE-2024-37803Jun 18, 2024
    risk 0.00cvss epss 0.00

    Multiple stored cross-site scripting (XSS) vulnerabilities in CodeProjects Health Care hospital Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname and lname parameters under the Staff Info page.

  • CVE-2024-37799Jun 18, 2024
    risk 0.00cvss epss 0.00

    CodeProjects Restaurant Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the reserv_id parameter at view_reservations.php.

  • CVE-2024-38347Jun 18, 2024
    risk 0.00cvss epss 0.01

    CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Room Information module via the id parameter.

  • CVE-2024-38348Jun 18, 2024
    risk 0.00cvss epss 0.00

    CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Staff Info module via the searvalu parameter.

  • CVE-2024-37800Jun 18, 2024
    risk 0.00cvss epss 0.00

    CodeProjects Restaurant Reservation System v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Date parameter at index.php.

  • CVE-2024-37802Jun 18, 2024
    risk 0.00cvss epss 0.01

    CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Patient Info module via the searvalu parameter.

  • CVE-2024-5049May 17, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in Codezips E-Commerce Site 1.0. Affected by this issue is some unknown functionality of the file admin/editproduct.php. The manipulation of the argument profilepic leads to unrestricted upload. The attack may be…

  • CVE-2024-5048May 17, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in code-projects Budget Management 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument edit leads to sql injection. The attack can be launched remotely. The…

  • CVE-2024-4975May 16, 2024
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, has been found in code-projects Simple Chat System 1.0. This issue affects some unknown processing of the component Message Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The…

  • CVE-2024-4974May 16, 2024
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, was found in code-projects Simple Chat System 1.0. Affected is an unknown function of the file /register.php. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack remotely.…

  • CVE-2024-4973May 16, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in code-projects Simple Chat System 1.0. This vulnerability affects unknown code of the file /register.php. The manipulation of the argument name/number/address leads to sql injection. The attack can be initiated remotely. The…

  • CVE-2024-4972May 16, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in code-projects Simple Chat System 1.0. This affects an unknown part of the file /login.php. The manipulation of the argument email/password leads to sql injection. It is possible to initiate the attack remotely. The exploit…

  • CVE-2024-4923May 16, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in Codezips E-Commerce Site 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/addproduct.php. The manipulation of the argument profilepic leads to unrestricted upload. The attack can be initiated remotely.…

  • CVE-2024-34955May 15, 2024
    risk 0.00cvss epss 0.01

    Code-projects Budget Management 1.0 is vulnerable to SQL Injection via the delete parameter.

  • CVE-2024-34954May 15, 2024
    risk 0.00cvss epss 0.00

    Code-projects Budget Management 1.0 is vulnerable to Cross Site Scripting (XSS) via the budget parameter.

  • CVE-2024-31610Apr 25, 2024
    risk 0.00cvss epss 0.00

    File Upload vulnerability in the function for employees to upload avatars in Code-Projects Simple School Management System v1.0 allows attackers to run arbitrary code via upload of crafted file.

  • CVE-2024-3948Apr 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Home Clean Service System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file \admin\student.add.php of the component Photo Handler. The manipulation leads to unrestricted upload. The…

  • CVE-2024-30849Apr 5, 2024
    risk 0.00cvss epss 0.01

    Arbitrary file upload vulnerability in Sourcecodester Complete E-Commerce Site v1.0, allows remote attackers to execute arbitrary code via filename parameter in admin/products_photo.php.

  • CVE-2024-3004Mar 27, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in code-projects Online Book System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /Product.php. The manipulation of the argument value leads to cross site scripting. The attack may be launched…

  • CVE-2024-3003Mar 27, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in code-projects Online Book System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /cart.php. The manipulation of the argument quantity/remove leads to sql injection. The attack can be…

  • CVE-2024-3002Mar 27, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in code-projects Online Book System 1.0. Affected is an unknown function of the file /description.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The…

  • CVE-2024-3001Mar 27, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in code-projects Online Book System 1.0. This issue affects some unknown processing of the file /Product.php. The manipulation of the argument value leads to sql injection. The attack may be initiated remotely.…

  • CVE-2024-3000Mar 27, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in code-projects Online Book System 1.0. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument username/password/login_username/login_password leads to sql injection. The attack can be…

  • CVE-2024-2754Mar 21, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in SourceCodester Complete E-Commerce Site 1.0. Affected is an unknown function of the file /admin/users_photo.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack…

  • CVE-2024-24105Mar 13, 2024
    risk 0.00cvss epss 0.00

    SQL Injection vulnerability in Code-projects Computer Science Time Table System 1.0 allows attackers to run arbitrary code via adminFormvalidation.php.

  • CVE-2024-24097Mar 12, 2024
    risk 0.00cvss epss 0.00

    Cross Site Scripting (XSS) vulnerability in Code-projects Scholars Tracking System 1.0 allows attackers to run arbitrary code via the News Feed.

  • CVE-2024-24101Mar 12, 2024
    risk 0.00cvss epss 0.00

    Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Eligibility Information Update.

  • CVE-2023-42307Mar 12, 2024
    risk 0.00cvss epss 0.00

    Cross Site Scripting (XSS) vulnerability in Code-Projects Exam Form Submission 1.0 allows attackers to run arbitrary code via "Subject Name" and "Subject Code" section.

  • CVE-2024-24092Mar 12, 2024
    risk 0.00cvss epss 0.00

    SQL Injection vulnerability in Code-projects.org Scholars Tracking System 1.0 allows attackers to run arbitrary code via login.php.

Page 20 of 24