VYPR

Vendor CVEs

Code Projects

All CVEs

1,152 total · sorted by risk
  • CVE-2023-3062Jun 2, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in code-projects Agro-School Management System 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument password leads to sql injection. It is possible to launch the attack…

  • CVE-2023-3061Jun 2, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in code-projects Agro-School Management System 1.0 and classified as critical. This issue affects some unknown processing of the file btn_functions.php of the component Attachment Image Handler. The manipulation leads to unrestricted upload. The attack…

  • CVE-2023-3060Jun 2, 2023
    risk 0.00cvss epss 0.01

    A vulnerability has been found in code-projects Agro-School Management System 1.0 and classified as problematic. This vulnerability affects the function doAddQuestion of the file btn_functions.php. The manipulation of the argument Question leads to cross site scripting. The…

  • CVE-2023-3004May 31, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester Simple Chat System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=read_msg of the component POST Parameter Handler. The manipulation of the argument…

  • CVE-2021-31233May 31, 2023
    risk 0.00cvss epss 0.01

    SQL Injection vulnerability found in Fighting Cock Information System v.1.0 allows a remote attacker to obtain sensitive information via the edit_breed.php parameter.

  • CVE-2023-2951May 28, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in code-projects Bus Dispatch and Information System 1.0. Affected is an unknown function of the file delete_bus.php. The manipulation of the argument busid leads to sql injection. It is possible to launch the attack…

  • CVE-2023-2776May 17, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in code-projects Simple Photo Gallery 1.0. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-229282 is the identifier assigned to this…

  • CVE-2023-2775May 17, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in code-projects Bus Dispatch and Information System 1.0. It has been classified as critical. This affects an unknown part of the file adminHome.php. The manipulation of the argument reach_city leads to sql injection. It is possible to initiate the…

  • CVE-2023-2774May 17, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in code-projects Bus Dispatch and Information System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file view_branch.php. The manipulation of the argument branchid leads to sql injection. The attack may be…

  • CVE-2023-2773May 17, 2023
    risk 0.00cvss epss 0.01

    A vulnerability has been found in code-projects Bus Dispatch and Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file view_admin.php. The manipulation of the argument adminid leads to sql injection. The attack…

  • CVE-2023-1561Mar 22, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in code-projects Simple Online Hotel Reservation System 1.0. Affected is an unknown function of the file add_room.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely.…

  • CVE-2023-1500Mar 19, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, has been found in code-projects Simple Art Gallery 1.0. Affected by this issue is some unknown functionality of the file adminHome.php. The manipulation of the argument about_info leads to cross site scripting. The attack may…

  • CVE-2023-1499Mar 19, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in code-projects Simple Art Gallery 1.0. Affected by this vulnerability is an unknown functionality of the file adminHome.php. The manipulation of the argument reach_city leads to sql injection. The attack can be launched…

  • CVE-2023-1498Mar 19, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in code-projects Responsive Hotel Site 1.0. Affected is an unknown function of the file messages.php of the component Newsletter Log Handler. The manipulation of the argument title leads to sql injection. It is possible to…

  • CVE-2023-1431Mar 16, 2023
    risk 0.00cvss epss 0.01

    The WP Simple Shopping Cart plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.6.3 due to the plugin saving shopping cart data exports in a publicly accessible location (/wp-content/plugins/wordpress-simple-paypal-shopping-car…

  • CVE-2023-1416Mar 15, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in Simple Art Gallery 1.0. Affected is an unknown function of the file adminHome.php. The manipulation of the argument social_facebook leads to sql injection. It is possible to launch the attack remotely. The exploit has been…

  • CVE-2023-1415Mar 15, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in Simple Art Gallery 1.0. It has been declared as critical. This vulnerability affects the function sliderPicSubmit of the file adminHome.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-223126 is the…

  • CVE-2023-1030Feb 24, 2023
    risk 0.00cvss epss 0.01

    A vulnerability has been found in SourceCodester/code-projects Online Boat Reservation System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /boat/login.php of the component POST Parameter Handler. The manipulation of…

  • CVE-2023-0918Feb 19, 2023
    risk 0.00cvss epss 0.01

    A vulnerability has been found in codeprojects Pharmacy Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file add.php of the component Avatar Image Handler. The manipulation leads to unrestricted upload. The attack can be initiated…

  • CVE-2022-4672Jan 23, 2023
    risk 0.00cvss epss 0.01

    The WordPress Simple Shopping Cart WordPress plugin before 4.6.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which…

  • CVE-2022-4739Dec 25, 2022
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical was found in SourceCodester School Dormitory Management System 1.0. Affected by this vulnerability is an unknown functionality of the component Admin Login. The manipulation leads to sql injection. The attack can be launched remotely. The…

  • CVE-2022-4250Dec 1, 2022
    risk 0.00cvss epss 0.00

    A vulnerability has been found in Movie Ticket Booking System and classified as problematic. Affected by this vulnerability is an unknown functionality of the file booking.php. The manipulation of the argument id leads to cross site scripting. The attack can be launched…

  • CVE-2022-4247Dec 1, 2022
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in Movie Ticket Booking System. This vulnerability affects unknown code of the file booking.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to…

  • CVE-2022-40470Nov 21, 2022
    risk 0.00cvss epss 0.01

    Phpgurukul Blood Donor Management System 1.0 allows Cross Site Scripting via Add Blood Group Name Feature.

  • CVE-2022-3130Sep 7, 2022
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in codeprojects Online Driving School. This affects an unknown part of the file /login.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has…

  • CVE-2022-3129Sep 7, 2022
    risk 0.00cvss epss 0.01

    A vulnerability was found in codeprojects Online Driving School. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registration.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has…

  • CVE-2022-37253Sep 6, 2022
    risk 0.00cvss epss 0.01

    Persistent cross-site scripting (XSS) in Crime Reporting System 1.0 allows a remote attacker to introduce arbitary Javascript via manipulation of an unsanitized POST parameter

  • CVE-2022-36675Sep 1, 2022
    risk 0.00cvss epss 0.01

    Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /schedules/manage_schedule.php.

  • CVE-2022-36681Aug 26, 2022
    risk 0.00cvss epss 0.01

    Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_account.

  • CVE-2022-36683Aug 26, 2022
    risk 0.00cvss epss 0.01

    Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_payment.

  • CVE-2022-36679Aug 26, 2022
    risk 0.00cvss epss 0.01

    Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=user/manage_user.

  • CVE-2022-36678Aug 26, 2022
    risk 0.00cvss epss 0.01

    Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_category.

  • CVE-2022-2707Aug 8, 2022
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in SourceCodester Online Class and Exam Scheduling System 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/faculty_sched.php. The manipulation of the argument faculty with the input ' OR (SELECT…

  • CVE-2022-2706Aug 8, 2022
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in SourceCodester Online Class and Exam Scheduling System 1.0. Affected is an unknown function of the file /pages/class_sched.php. The manipulation of the argument class with the input '||(SELECT 0x684d6b6c WHERE 5993=5993…

  • CVE-2022-32318Jul 14, 2022
    risk 0.00cvss epss 0.00

    Fast Food Ordering System v1.0 was discovered to contain a persistent cross-site scripting (XSS) vulnerability via the component /ffos/classes/Master.php?f=save_category.

  • CVE-2022-30927Jun 6, 2022
    risk 0.00cvss epss 0.01

    A SQL injection vulnerability exists in Simple Task Scheduling System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable "id" parameter.

  • CVE-2022-1991Jun 3, 2022
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic has been found in Fast Food Ordering System 1.0. Affected is the file Master.php of the Master List. The manipulation of the argument Description with the input foo "> leads to cross site…

  • CVE-2022-30817May 31, 2022
    risk 0.00cvss epss 0.01

    Simple Bus Ticket Booking System 1.0 is vulnerable to SQL Injection via /SimpleBusTicket/index.php.

  • CVE-2022-30460May 24, 2022
    risk 0.00cvss epss 0.00

    Simple Social Networking Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /sns/classes/Users.php?f=save, firstname.

  • CVE-2022-30886May 20, 2022
    risk 0.00cvss epss 0.02

    School Dormitory Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /dms/admin/reports/daily_collection_report.php.

  • CVE-2022-30052May 17, 2022
    risk 0.00cvss epss 0.01

    In Home Clean Service System 1.0, the password parameter is vulnerable to SQL injection attacks.

  • CVE-2022-30375May 13, 2022
    risk 0.00cvss epss 0.01

    Sourcecodester Simple Social Networking Site v1.0 is vulnerable to file deletion via /sns/classes/Master.php?f=delete_img.

  • CVE-2022-30376May 13, 2022
    risk 0.00cvss epss 0.01

    Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/members/view_member.php?id=.

  • CVE-2022-30378May 13, 2022
    risk 0.00cvss epss 0.01

    Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=posts/view_post&id=.

  • CVE-2022-30379May 13, 2022
    risk 0.00cvss epss 0.01

    Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=user/manage_user&id=.

  • CVE-2022-29317May 11, 2022
    risk 0.00cvss epss 0.01

    Simple Bus Ticket Booking System v1.0 was discovered to contain multiple SQL injection vulnerbilities via the username and password parameters at /assets/partials/_handleLogin.php.

  • CVE-2022-25394Mar 2, 2022
    risk 0.00cvss epss 0.02

    Medical Store Management System v1.0 was discovered to contain a SQL injection vulnerability via the cid parameter under customer-add.php.

  • CVE-2021-44092Jan 20, 2022
    risk 0.00cvss epss 0.01

    An SQL Injection vulnerability exists in code-projects Pharmacy Management 1.0 via the username parameter in the administer login form.

  • CVE-2021-25211Jul 22, 2021
    risk 0.00cvss epss 0.02

    Arbitrary file upload vulnerability in SourceCodester Ordering System v 1.0 allows attackers to execute arbitrary code, via the file upload to ordering\admin\products\edit.php.

  • CVE-2020-36002Feb 17, 2021
    risk 0.00cvss epss 0.02

    Seat-Reservation-System 1.0 has a SQL injection vulnerability in index.php in the id parameter where attackers can obtain sensitive database information.

Page 23 of 24