Vendor CVEs
Code Projects
All CVEs
1,152 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-0359 | 0.00 | — | 0.01 | Jan 10, 2024 | A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack can be… | |||
| CVE-2023-7130 | 0.00 | — | 0.01 | Dec 31, 2023 | A vulnerability has been found in code-projects College Notes Gallery 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument user leads to sql injection. The exploit has been disclosed to… | |||
| CVE-2023-7143 | 0.00 | — | 0.01 | Dec 29, 2023 | A vulnerability was found in code-projects Client Details System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/regester.php. The manipulation of the argument fname/lname/email/contact leads to cross site scripting.… | |||
| CVE-2023-7142 | 0.00 | — | 0.01 | Dec 29, 2023 | A vulnerability was found in code-projects Client Details System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/clientview.php. The manipulation of the argument ID leads to sql injection. The exploit has… | |||
| CVE-2023-7141 | 0.00 | — | 0.01 | Dec 28, 2023 | A vulnerability was found in code-projects Client Details System 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/update-clients.php. The manipulation of the argument uid leads to sql injection. The exploit has been disclosed to the… | |||
| CVE-2023-7140 | 0.00 | — | 0.01 | Dec 28, 2023 | A vulnerability was found in code-projects Client Details System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/manage-users.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the… | |||
| CVE-2023-7139 | 0.00 | — | 0.01 | Dec 28, 2023 | A vulnerability has been found in code-projects Client Details System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/regester.php of the component HTTP POST Request Handler. The manipulation of the argument fname/lname/email/contact… | |||
| CVE-2023-7138 | 0.00 | — | 0.01 | Dec 28, 2023 | A vulnerability, which was classified as critical, was found in code-projects Client Details System 1.0. This affects an unknown part of the file /admin of the component HTTP POST Request Handler. The manipulation of the argument username leads to sql injection. The exploit has… | |||
| CVE-2023-7137 | 0.00 | — | 0.17 | Dec 28, 2023 | A vulnerability, which was classified as critical, has been found in code-projects Client Details System 1.0. Affected by this issue is some unknown functionality of the component HTTP POST Request Handler. The manipulation of the argument uemail leads to sql injection. The… | |||
| CVE-2023-7136 | 0.00 | — | 0.00 | Dec 28, 2023 | A vulnerability classified as problematic was found in code-projects Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /main/doctype.php of the component Document Type Handler. The manipulation of the argument docname with the… | |||
| CVE-2023-7135 | 0.00 | — | 0.00 | Dec 28, 2023 | A vulnerability classified as problematic has been found in code-projects Record Management System 1.0. Affected is an unknown function of the file /main/offices.php of the component Offices Handler. The manipulation of the argument officename with the input "><script… | |||
| CVE-2023-7129 | 0.00 | — | 0.01 | Dec 28, 2023 | A vulnerability, which was classified as critical, was found in code-projects Voting System 1.0. Affected is an unknown function of the component Voters Login. The manipulation of the argument voter leads to sql injection. The exploit has been disclosed to the public and may be… | |||
| CVE-2023-7128 | 0.00 | — | 0.01 | Dec 28, 2023 | A vulnerability, which was classified as critical, has been found in code-projects Voting System 1.0. This issue affects some unknown processing of the file /admin/ of the component Admin Login. The manipulation of the argument username leads to sql injection. The exploit has… | |||
| CVE-2023-7127 | 0.00 | — | 0.01 | Dec 28, 2023 | A vulnerability classified as critical was found in code-projects Automated Voting System 1.0. This vulnerability affects unknown code of the component Login. The manipulation of the argument idno leads to sql injection. The exploit has been disclosed to the public and may be… | |||
| CVE-2023-7126 | 0.00 | — | 0.01 | Dec 28, 2023 | A vulnerability classified as critical has been found in code-projects Automated Voting System 1.0. This affects an unknown part of the file /admin/ of the component Admin Login. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to… | |||
| CVE-2023-7124 | 0.00 | — | 0.01 | Dec 28, 2023 | A vulnerability, which was classified as problematic, was found in code-projects E-Commerce Site 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument keyword with the input <video/src=x onerror=alert(document.cookie)> leads to cross site… | |||
| CVE-2023-7111 | 0.00 | — | 0.01 | Dec 26, 2023 | A vulnerability, which was classified as critical, was found in code-projects Library Management System 2.0. Affected is an unknown function of the file index.php. The manipulation of the argument category leads to sql injection. It is possible to launch the attack remotely. The… | |||
| CVE-2023-7110 | 0.00 | — | 0.01 | Dec 26, 2023 | A vulnerability, which was classified as critical, has been found in code-projects Library Management System 2.0. This issue affects some unknown processing of the file login.php. The manipulation of the argument student leads to sql injection. The attack may be initiated… | |||
| CVE-2023-7109 | 0.00 | — | 0.01 | Dec 26, 2023 | A vulnerability classified as critical was found in code-projects Library Management System 2.0. This vulnerability affects unknown code of the file /admin/login.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The… | |||
| CVE-2023-7108 | 0.00 | — | 0.01 | Dec 26, 2023 | A vulnerability classified as problematic has been found in code-projects E-Commerce Website 1.0. This affects an unknown part of the file user_signup.php. The manipulation of the argument firstname with the input <video/src=x onerror=alert(document.domain)> leads to cross site… | |||
| CVE-2023-7107 | 0.00 | — | 0.01 | Dec 25, 2023 | A vulnerability was found in code-projects E-Commerce Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file user_signup.php. The manipulation of the argument firstname/middlename/email/address/contact/username leads to sql… | |||
| CVE-2023-7106 | 0.00 | — | 0.01 | Dec 25, 2023 | A vulnerability was found in code-projects E-Commerce Website 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file product_details.php?prod_id=11. The manipulation of the argument prod_id leads to sql injection. The attack… | |||
| CVE-2023-7105 | 0.00 | — | 0.01 | Dec 25, 2023 | A vulnerability was found in code-projects E-Commerce Website 1.0. It has been classified as critical. Affected is an unknown function of the file index_search.php. The manipulation of the argument search leads to sql injection. It is possible to launch the attack remotely. The… | |||
| CVE-2023-7097 | 0.00 | — | 0.01 | Dec 25, 2023 | A vulnerability classified as critical has been found in code-projects Water Billing System 1.0. This affects an unknown part of the file /addbill.php. The manipulation of the argument owners_id leads to sql injection. It is possible to initiate the attack remotely. The exploit… | |||
| CVE-2023-7075 | 0.00 | — | 0.01 | Dec 22, 2023 | A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /main/checkout.php. The manipulation of the argument pt leads to cross site scripting.… | |||
| CVE-2023-7057 | 0.00 | — | 0.01 | Dec 22, 2023 | A vulnerability, which was classified as problematic, has been found in code-projects Faculty Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/pages/yearlevel.php. The manipulation of the argument Year Level/Section leads to cross… | |||
| CVE-2023-7056 | 0.00 | — | 0.00 | Dec 22, 2023 | A vulnerability classified as problematic was found in code-projects Faculty Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/pages/subjects.php. The manipulation of the argument Description/Units leads to cross site scripting.… | |||
| CVE-2023-6652 | 0.00 | — | 0.01 | Dec 10, 2023 | A vulnerability was found in code-projects Matrimonial Site 1.0. It has been declared as critical. Affected by this vulnerability is the function register of the file /register.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has… | |||
| CVE-2023-6651 | 0.00 | — | 0.01 | Dec 10, 2023 | A vulnerability was found in code-projects Matrimonial Site 1.0. It has been classified as critical. Affected is an unknown function of the file /auth/auth.php?user=1. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely.… | |||
| CVE-2023-46017 | 0.00 | — | 0.00 | Nov 13, 2023 | SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters. | |||
| CVE-2023-46014 | 0.00 | — | 0.00 | Nov 13, 2023 | SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters. | |||
| CVE-2023-46016 | 0.00 | — | 0.00 | Nov 13, 2023 | Cross Site Scripting (XSS) in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL. | |||
| CVE-2023-46020 | 0.00 | — | 0.00 | Nov 13, 2023 | Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters. | |||
| CVE-2023-46021 | 0.00 | — | 0.00 | Nov 13, 2023 | SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary commands via the 'reqid' parameter. | |||
| CVE-2023-46015 | 0.00 | — | 0.00 | Nov 13, 2023 | Cross Site Scripting (XSS) vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL. | |||
| CVE-2023-46018 | 0.00 | — | 0.00 | Nov 13, 2023 | SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to run arbitrary SQL commands via 'remail' parameter. | |||
| CVE-2023-46019 | 0.00 | — | 0.00 | Nov 13, 2023 | Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter. | |||
| CVE-2023-5829 | 0.00 | — | 0.01 | Oct 27, 2023 | A vulnerability was found in code-projects Admission Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file student_avatar.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The… | |||
| CVE-2023-5580 | 0.00 | — | 0.01 | Oct 14, 2023 | A vulnerability classified as critical has been found in SourceCodester Library System 1.0. This affects an unknown part of the file index.php. The manipulation of the argument category leads to sql injection. It is possible to initiate the attack remotely. The exploit has been… | |||
| CVE-2023-5471 | 0.00 | — | 0.01 | Oct 10, 2023 | A vulnerability, which was classified as critical, was found in codeprojects Farmacia 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument usario/senha leads to sql injection. It is possible to launch the attack remotely. The exploit has… | |||
| CVE-2023-43838 | 0.00 | — | 0.01 | Oct 4, 2023 | An arbitrary file upload vulnerability in Personal Management System v1.4.64 allows attackers to execute arbitrary code via uploading a crafted SVG file into a user profile's avatar. | |||
| CVE-2023-42253 | 0.00 | — | 0.00 | Sep 18, 2023 | Code-Projects Vehicle Management 1.0 is vulnerable to Cross Site Scripting (XSS) in Add Accounts via Invoice No, To, and Mammul. | |||
| CVE-2023-37069 | 0.00 | — | 0.01 | Aug 10, 2023 | Code-Projects Online Hospital Management System V1.0 is vulnerable to SQL Injection (SQLI) attacks, which allow an attacker to manipulate the SQL queries executed by the application. The application fails to properly validate user-supplied input in the login id and password… | |||
| CVE-2023-37068 | 0.00 | — | 0.01 | Aug 9, 2023 | Code-Projects Gym Management System V1.0 allows remote attackers to execute arbitrary SQL commands via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username… | |||
| CVE-2023-37627 | 0.00 | — | 0.01 | Jul 12, 2023 | Code-projects Online Restaurant Management System 1.0 is vulnerable to SQL Injection. Through SQL injection, an attacker can bypass the admin panel and view order records, add items, delete items etc. | |||
| CVE-2023-36968 | 0.00 | — | 0.01 | Jul 6, 2023 | A SQL Injection vulnerability detected in Food Ordering System v1.0 allows attackers to run commands on the database by sending crafted SQL queries to the ID parameter. | |||
| CVE-2023-3339 | 0.00 | — | 0.01 | Jun 21, 2023 | A vulnerability has been found in code-projects Agro-School Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file exam-delete.php. The manipulation of the argument test_id leads to sql injection. The attack can… | |||
| CVE-2023-3310 | 0.00 | — | 0.01 | Jun 18, 2023 | A vulnerability, which was classified as critical, has been found in code-projects Agro-School Management System 1.0. Affected by this issue is some unknown functionality of the file loaddata.php. The manipulation of the argument subject/course leads to sql injection. The attack… | |||
| CVE-2023-3274 | 0.00 | — | 0.01 | Jun 15, 2023 | A vulnerability classified as critical has been found in code-projects Supplier Management System 1.0. Affected is an unknown function of the file btn_functions.php of the component Picture Handler. The manipulation leads to unrestricted upload. It is possible to launch the… | |||
| CVE-2023-3094 | 0.00 | — | 0.01 | Jun 4, 2023 | A vulnerability classified as critical has been found in code-projects Agro-School Management System 1.0. Affected is the function doUpdateQuestion of the file btn_functions.php. The manipulation of the argument question_id leads to sql injection. It is possible to launch the… |
- CVE-2024-0359Jan 10, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack can be…
- CVE-2023-7130Dec 31, 2023risk 0.00cvss —epss 0.01
A vulnerability has been found in code-projects College Notes Gallery 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument user leads to sql injection. The exploit has been disclosed to…
- CVE-2023-7143Dec 29, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Client Details System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/regester.php. The manipulation of the argument fname/lname/email/contact leads to cross site scripting.…
- CVE-2023-7142Dec 29, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Client Details System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/clientview.php. The manipulation of the argument ID leads to sql injection. The exploit has…
- CVE-2023-7141Dec 28, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Client Details System 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/update-clients.php. The manipulation of the argument uid leads to sql injection. The exploit has been disclosed to the…
- CVE-2023-7140Dec 28, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Client Details System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/manage-users.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the…
- CVE-2023-7139Dec 28, 2023risk 0.00cvss —epss 0.01
A vulnerability has been found in code-projects Client Details System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/regester.php of the component HTTP POST Request Handler. The manipulation of the argument fname/lname/email/contact…
- CVE-2023-7138Dec 28, 2023risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, was found in code-projects Client Details System 1.0. This affects an unknown part of the file /admin of the component HTTP POST Request Handler. The manipulation of the argument username leads to sql injection. The exploit has…
- CVE-2023-7137Dec 28, 2023risk 0.00cvss —epss 0.17
A vulnerability, which was classified as critical, has been found in code-projects Client Details System 1.0. Affected by this issue is some unknown functionality of the component HTTP POST Request Handler. The manipulation of the argument uemail leads to sql injection. The…
- CVE-2023-7136Dec 28, 2023risk 0.00cvss —epss 0.00
A vulnerability classified as problematic was found in code-projects Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /main/doctype.php of the component Document Type Handler. The manipulation of the argument docname with the…
- CVE-2023-7135Dec 28, 2023risk 0.00cvss —epss 0.00
A vulnerability classified as problematic has been found in code-projects Record Management System 1.0. Affected is an unknown function of the file /main/offices.php of the component Offices Handler. The manipulation of the argument officename with the input "><script…
- CVE-2023-7129Dec 28, 2023risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, was found in code-projects Voting System 1.0. Affected is an unknown function of the component Voters Login. The manipulation of the argument voter leads to sql injection. The exploit has been disclosed to the public and may be…
- CVE-2023-7128Dec 28, 2023risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, has been found in code-projects Voting System 1.0. This issue affects some unknown processing of the file /admin/ of the component Admin Login. The manipulation of the argument username leads to sql injection. The exploit has…
- CVE-2023-7127Dec 28, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in code-projects Automated Voting System 1.0. This vulnerability affects unknown code of the component Login. The manipulation of the argument idno leads to sql injection. The exploit has been disclosed to the public and may be…
- CVE-2023-7126Dec 28, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in code-projects Automated Voting System 1.0. This affects an unknown part of the file /admin/ of the component Admin Login. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to…
- CVE-2023-7124Dec 28, 2023risk 0.00cvss —epss 0.01
A vulnerability, which was classified as problematic, was found in code-projects E-Commerce Site 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument keyword with the input <video/src=x onerror=alert(document.cookie)> leads to cross site…
- CVE-2023-7111Dec 26, 2023risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, was found in code-projects Library Management System 2.0. Affected is an unknown function of the file index.php. The manipulation of the argument category leads to sql injection. It is possible to launch the attack remotely. The…
- CVE-2023-7110Dec 26, 2023risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, has been found in code-projects Library Management System 2.0. This issue affects some unknown processing of the file login.php. The manipulation of the argument student leads to sql injection. The attack may be initiated…
- CVE-2023-7109Dec 26, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in code-projects Library Management System 2.0. This vulnerability affects unknown code of the file /admin/login.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The…
- CVE-2023-7108Dec 26, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as problematic has been found in code-projects E-Commerce Website 1.0. This affects an unknown part of the file user_signup.php. The manipulation of the argument firstname with the input <video/src=x onerror=alert(document.domain)> leads to cross site…
- CVE-2023-7107Dec 25, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects E-Commerce Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file user_signup.php. The manipulation of the argument firstname/middlename/email/address/contact/username leads to sql…
- CVE-2023-7106Dec 25, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects E-Commerce Website 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file product_details.php?prod_id=11. The manipulation of the argument prod_id leads to sql injection. The attack…
- CVE-2023-7105Dec 25, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects E-Commerce Website 1.0. It has been classified as critical. Affected is an unknown function of the file index_search.php. The manipulation of the argument search leads to sql injection. It is possible to launch the attack remotely. The…
- CVE-2023-7097Dec 25, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in code-projects Water Billing System 1.0. This affects an unknown part of the file /addbill.php. The manipulation of the argument owners_id leads to sql injection. It is possible to initiate the attack remotely. The exploit…
- CVE-2023-7075Dec 22, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /main/checkout.php. The manipulation of the argument pt leads to cross site scripting.…
- CVE-2023-7057Dec 22, 2023risk 0.00cvss —epss 0.01
A vulnerability, which was classified as problematic, has been found in code-projects Faculty Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/pages/yearlevel.php. The manipulation of the argument Year Level/Section leads to cross…
- CVE-2023-7056Dec 22, 2023risk 0.00cvss —epss 0.00
A vulnerability classified as problematic was found in code-projects Faculty Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/pages/subjects.php. The manipulation of the argument Description/Units leads to cross site scripting.…
- CVE-2023-6652Dec 10, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Matrimonial Site 1.0. It has been declared as critical. Affected by this vulnerability is the function register of the file /register.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has…
- CVE-2023-6651Dec 10, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Matrimonial Site 1.0. It has been classified as critical. Affected is an unknown function of the file /auth/auth.php?user=1. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely.…
- CVE-2023-46017Nov 13, 2023risk 0.00cvss —epss 0.00
SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters.
- CVE-2023-46014Nov 13, 2023risk 0.00cvss —epss 0.00
SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters.
- CVE-2023-46016Nov 13, 2023risk 0.00cvss —epss 0.00
Cross Site Scripting (XSS) in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL.
- CVE-2023-46020Nov 13, 2023risk 0.00cvss —epss 0.00
Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters.
- CVE-2023-46021Nov 13, 2023risk 0.00cvss —epss 0.00
SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary commands via the 'reqid' parameter.
- CVE-2023-46015Nov 13, 2023risk 0.00cvss —epss 0.00
Cross Site Scripting (XSS) vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL.
- CVE-2023-46018Nov 13, 2023risk 0.00cvss —epss 0.00
SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to run arbitrary SQL commands via 'remail' parameter.
- CVE-2023-46019Nov 13, 2023risk 0.00cvss —epss 0.00
Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter.
- CVE-2023-5829Oct 27, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Admission Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file student_avatar.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The…
- CVE-2023-5580Oct 14, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in SourceCodester Library System 1.0. This affects an unknown part of the file index.php. The manipulation of the argument category leads to sql injection. It is possible to initiate the attack remotely. The exploit has been…
- CVE-2023-5471Oct 10, 2023risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, was found in codeprojects Farmacia 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument usario/senha leads to sql injection. It is possible to launch the attack remotely. The exploit has…
- CVE-2023-43838Oct 4, 2023risk 0.00cvss —epss 0.01
An arbitrary file upload vulnerability in Personal Management System v1.4.64 allows attackers to execute arbitrary code via uploading a crafted SVG file into a user profile's avatar.
- CVE-2023-42253Sep 18, 2023risk 0.00cvss —epss 0.00
Code-Projects Vehicle Management 1.0 is vulnerable to Cross Site Scripting (XSS) in Add Accounts via Invoice No, To, and Mammul.
- CVE-2023-37069Aug 10, 2023risk 0.00cvss —epss 0.01
Code-Projects Online Hospital Management System V1.0 is vulnerable to SQL Injection (SQLI) attacks, which allow an attacker to manipulate the SQL queries executed by the application. The application fails to properly validate user-supplied input in the login id and password…
- CVE-2023-37068Aug 9, 2023risk 0.00cvss —epss 0.01
Code-Projects Gym Management System V1.0 allows remote attackers to execute arbitrary SQL commands via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username…
- CVE-2023-37627Jul 12, 2023risk 0.00cvss —epss 0.01
Code-projects Online Restaurant Management System 1.0 is vulnerable to SQL Injection. Through SQL injection, an attacker can bypass the admin panel and view order records, add items, delete items etc.
- CVE-2023-36968Jul 6, 2023risk 0.00cvss —epss 0.01
A SQL Injection vulnerability detected in Food Ordering System v1.0 allows attackers to run commands on the database by sending crafted SQL queries to the ID parameter.
- CVE-2023-3339Jun 21, 2023risk 0.00cvss —epss 0.01
A vulnerability has been found in code-projects Agro-School Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file exam-delete.php. The manipulation of the argument test_id leads to sql injection. The attack can…
- CVE-2023-3310Jun 18, 2023risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, has been found in code-projects Agro-School Management System 1.0. Affected by this issue is some unknown functionality of the file loaddata.php. The manipulation of the argument subject/course leads to sql injection. The attack…
- CVE-2023-3274Jun 15, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in code-projects Supplier Management System 1.0. Affected is an unknown function of the file btn_functions.php of the component Picture Handler. The manipulation leads to unrestricted upload. It is possible to launch the…
- CVE-2023-3094Jun 4, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in code-projects Agro-School Management System 1.0. Affected is the function doUpdateQuestion of the file btn_functions.php. The manipulation of the argument question_id leads to sql injection. It is possible to launch the…
Page 22 of 24