Vendor CVEs
Codeastro
All CVEs
221 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-11104 | Med | 0.41 | 6.3 | 0.00 | Sep 28, 2025 | A vulnerability was detected in CodeAstro Electricity Billing System 1.0. Affected by this issue is some unknown functionality of the file /admin/bill.php. The manipulation of the argument uid results in sql injection. The attack may be launched remotely. The exploit is now… | ||
| CVE-2025-10780 | Med | 0.41 | 6.3 | 0.00 | Sep 22, 2025 | A vulnerability was determined in CodeAstro Simple Pharmacy Management 1.0. This affects an unknown function of the file /view.php. This manipulation of the argument bar_code causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly… | ||
| CVE-2025-9942 | Med | 0.41 | 6.3 | 0.00 | Sep 4, 2025 | A vulnerability has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /submitproperty.php. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and… | ||
| CVE-2025-9941 | Med | 0.41 | 6.3 | 0.00 | Sep 4, 2025 | A flaw has been found in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the file /register.php. Executing manipulation of the argument uimage can lead to unrestricted upload. The attack can be launched remotely. The exploit has been published… | ||
| CVE-2025-9847 | Med | 0.41 | 6.3 | 0.00 | Sep 3, 2025 | A weakness has been identified in ScriptAndTools Real Estate Management System 1.0. Impacted is an unknown function of the file register.php. This manipulation of the argument uimage causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been… | ||
| CVE-2025-6329 | Med | 0.35 | 5.4 | 0.00 | Jun 20, 2025 | A vulnerability was found in ScriptAndTools Real Estate Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file userdelete.php of the component User Delete Handler. The manipulation of the argument ID leads to authorization… | ||
| CVE-2026-3137 | Med | 0.34 | 5.3 | 0.00 | Feb 25, 2026 | A security vulnerability has been detected in CodeAstro Food Ordering System 1.0. This affects an unknown function of the file food_ordering.exe. Such manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit has… | ||
| CVE-2023-33770 | Med | 0.33 | 5.1 | 0.00 | May 6, 2025 | Real Estate Management System v1.0 was discovered to contain a SQL injection vulnerability via the message parameter at /contact.php. | ||
| CVE-2026-12175 | Med | 0.31 | 4.7 | 0.00 | Jun 13, 2026 | A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of… | ||
| CVE-2025-14900 | Med | 0.31 | 4.7 | 0.00 | Dec 19, 2025 | A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /admin/userdelete.php of the component Administrator Endpoint. Such manipulation of the argument ID leads to sql injection. The attack may be… | ||
| CVE-2025-14899 | Med | 0.31 | 4.7 | 0.00 | Dec 19, 2025 | A weakness has been identified in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the file /admin/stateadd.php of the component Administrator Endpoint. This manipulation causes sql injection. The attack may be initiated remotely. The exploit has… | ||
| CVE-2025-14898 | Med | 0.31 | 4.7 | 0.00 | Dec 19, 2025 | A security flaw has been discovered in CodeAstro Real Estate Management System 1.0. This affects an unknown function of the file /admin/userbuilderdelete.php of the component Administrator Endpoint. The manipulation results in sql injection. The attack can be launched remotely.… | ||
| CVE-2025-14897 | Med | 0.31 | 4.7 | 0.00 | Dec 19, 2025 | A vulnerability was identified in CodeAstro Real Estate Management System 1.0. The impacted element is an unknown function of the file /admin/useragentdelete.php of the component Administrator Endpoint. The manipulation leads to sql injection. The attack can be initiated… | ||
| CVE-2025-12610 | Med | 0.31 | 4.7 | 0.00 | Nov 3, 2025 | A vulnerability was determined in CodeAstro Gym Management System 1.0. This affects an unknown part of the file /admin/view-progress-report.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been… | ||
| CVE-2025-12609 | Med | 0.31 | 4.7 | 0.00 | Nov 3, 2025 | A vulnerability was found in CodeAstro Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/update-progress.php. Performing a manipulation of the argument id/ini_weight results in sql injection. The attack may be initiated remotely.… | ||
| CVE-2025-13793 | Med | 0.28 | 4.3 | 0.00 | Nov 30, 2025 | A weakness has been identified in winston-dsouza Ecommerce-Website up to 87734c043269baac0b4cfe9664784462138b1b2e. Affected by this issue is some unknown functionality of the file /includes/header_menu.php of the component GET Parameter Handler. Executing manipulation of the… | ||
| CVE-2025-13119 | Med | 0.28 | 4.3 | 0.00 | Nov 13, 2025 | A flaw has been found in Fabian Ros/SourceCodester Simple E-Banking System 1.0. This affects an unknown part. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been published and may be used. | ||
| CVE-2025-12244 | Med | 0.28 | 4.3 | 0.00 | Oct 27, 2025 | A vulnerability was determined in code-projects Simple E-Banking System 1.0. This affects an unknown part of the file /eBank/register.php. Executing manipulation of the argument Username can lead to cross site scripting. The attack may be launched remotely. The exploit has been… | ||
| CVE-2025-7133 | Med | 0.28 | 4.3 | 0.00 | Jul 7, 2025 | A vulnerability classified as problematic has been found in CodeAstro Online Movie Ticket Booking System 1.0. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the… | ||
| CVE-2025-6664 | Med | 0.28 | 4.3 | 0.00 | Jun 25, 2025 | A vulnerability, which was classified as problematic, was found in CodeAstro Patient Record Management System 1.0. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed… | ||
| CVE-2025-6478 | Med | 0.28 | 4.3 | 0.00 | Jun 22, 2025 | A vulnerability was found in CodeAstro Expense Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. | ||
| CVE-2026-12130 | Low | 0.23 | 3.5 | 0.00 | Jun 12, 2026 | A security flaw has been discovered in CodeAstro Human Resource Management System 1.0. This affects an unknown part of the file /Projects/Add_Projects of the component Projects Management Page. The manipulation of the argument protitle results in cross site scripting. The attack… | ||
| CVE-2026-12129 | Low | 0.23 | 3.5 | 0.00 | Jun 12, 2026 | A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Affected by this issue is some unknown functionality of the file /dashboard/add_tod of the component Dashboard Interface. The manipulation of the argument todo_data leads to cross site scripting.… | ||
| CVE-2025-9940 | Low | 0.23 | 3.5 | 0.00 | Sep 4, 2025 | A vulnerability was detected in CodeAstro Real Estate Management System 1.0. This affects an unknown function of the file /feature.php. Performing manipulation of the argument msg results in cross site scripting. The attack can be initiated remotely. The exploit is now public… | ||
| CVE-2025-9939 | Low | 0.23 | 3.5 | 0.00 | Sep 4, 2025 | A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. The impacted element is an unknown function of the file /propertyview.php. Such manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack… | ||
| CVE-2025-9237 | Low | 0.23 | 3.5 | 0.00 | Aug 20, 2025 | A vulnerability was found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /customer/my_account.php?edit_account of the component Edit Your Account Page. Performing manipulation of the argument Username results in cross site scripting. It is… | ||
| CVE-2025-7153 | Low | 0.23 | 3.5 | 0.00 | Jul 8, 2025 | A vulnerability classified as problematic was found in CodeAstro Simple Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /doctor.html of the component POST Parameter Handler. The manipulation of the argument First Name/Last… | ||
| CVE-2025-7148 | Low | 0.23 | 3.5 | 0.00 | Jul 7, 2025 | A vulnerability was found in CodeAstro Simple Hospital Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /patient.html of the component POST Parameter Handler. The manipulation leads to cross site scripting. The… | ||
| CVE-2026-11491 | Low | 0.16 | 2.4 | 0.00 | Jun 8, 2026 | A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Impacted is an unknown function of the file /notice/All_notice of the component Notice Board Management. Such manipulation of the argument Notice Title with the input <svg onload="alert('Stored XSS… | ||
| CVE-2025-6452 | Low | 0.16 | 2.4 | 0.00 | Jun 22, 2025 | A vulnerability was found in CodeAstro Patient Record Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the component Generate New Report Page. The manipulation of the argument Patient Name/Name leads to cross site scripting.… | ||
| CVE-2025-6131 | Low | 0.16 | 2.4 | 0.00 | Jun 16, 2025 | A vulnerability, which was classified as problematic, was found in CodeAstro Food Ordering System 1.0. Affected is an unknown function of the file /admin/store/edit/ of the component POST Request Parameter Handler. The manipulation of the argument Restaurant Name/Address leads… | ||
| CVE-2024-25869 | 0.04 | — | 0.19 | Feb 28, 2024 | An Unrestricted File Upload vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary code via upload of a crafted php file in the settings.php component. | |||
| CVE-2024-7815 | 0.03 | — | 0.01 | Aug 15, 2024 | A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/admin-update-employee.php of the component Update Employee Page. The manipulation of the… | |||
| CVE-2025-70150 | 0.00 | — | 0.01 | Feb 18, 2026 | CodeAstro Membership Management System 1.0 contains a missing authentication vulnerability in delete_members.php that allows unauthenticated attackers to delete arbitrary member records via the id parameter. | |||
| CVE-2025-70149 | 0.00 | — | 0.00 | Feb 18, 2026 | CodeAstro Membership Management System 1.0 is vulnerable to SQL Injection in print_membership_card.php via the ID parameter. | |||
| CVE-2025-70148 | 0.00 | — | 0.00 | Feb 18, 2026 | Missing authentication and authorization in print_membership_card.php in CodeAstro Membership Management System 1.0 allows unauthenticated attackers to access membership card data of arbitrary users via direct requests with a manipulated id parameter, resulting in insecure… | |||
| CVE-2024-44652 | 0.00 | — | 0.00 | Nov 17, 2025 | Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the user_email, username, user_firstname, user_lastname, and user_address parameters in user_register.php. | |||
| CVE-2024-44653 | 0.00 | — | 0.00 | Nov 17, 2025 | Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the user_email parameter in user_login.php. | |||
| CVE-2024-44651 | 0.00 | — | 0.00 | Nov 17, 2025 | Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the recover_email parameter in user_password_recover.php. | |||
| CVE-2025-5611 | 0.00 | — | 0.00 | Jun 4, 2025 | A vulnerability, which was classified as critical, was found in CodeAstro Real Estate Management System 1.0. This affects an unknown part of the file /submitpropertyupdate.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack… | |||
| CVE-2025-5610 | 0.00 | — | 0.00 | Jun 4, 2025 | A vulnerability, which was classified as critical, has been found in CodeAstro Real Estate Management System 1.0. Affected by this issue is some unknown functionality of the file /submitpropertydelete.php. The manipulation of the argument ID leads to sql injection. The attack… | |||
| CVE-2025-5583 | 0.00 | — | 0.00 | Jun 4, 2025 | A vulnerability classified as critical has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /register.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed… | |||
| CVE-2025-5582 | 0.00 | — | 0.00 | Jun 4, 2025 | A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument content leads to sql injection. The attack may be initiated remotely.… | |||
| CVE-2025-5581 | 0.00 | — | 0.00 | Jun 4, 2025 | A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument User leads to sql injection. The attack can be initiated remotely.… | |||
| CVE-2025-5580 | 0.00 | — | 0.00 | Jun 4, 2025 | A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been classified as critical. This affects an unknown part of the file /login.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The… | |||
| CVE-2025-5128 | 0.00 | — | 0.01 | May 24, 2025 | A vulnerability, which was classified as critical, was found in ScriptAndTools Real-Estate-website-in-PHP 1.0. Affected is an unknown function of the file /admin/ of the component Admin Login Panel. The manipulation of the argument Password leads to sql injection. It is possible… | |||
| CVE-2025-4811 | 0.00 | — | 0.00 | May 16, 2025 | A vulnerability was found in CodeAstro Pharmacy Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack… | |||
| CVE-2025-4067 | 0.00 | — | 0.00 | Apr 29, 2025 | A vulnerability classified as critical has been found in ScriptAndTools Online-Travling-System 1.0. Affected is an unknown function of the file /admin/viewpackage.php. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit… | |||
| CVE-2025-4066 | 0.00 | — | 0.00 | Apr 29, 2025 | A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/addpackage.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The… | |||
| CVE-2025-4065 | 0.00 | — | 0.00 | Apr 29, 2025 | A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/addadvertisement.php. The manipulation leads to improper access controls. The attack can be initiated remotely.… |
- risk 0.41cvss 6.3epss 0.00
A vulnerability was detected in CodeAstro Electricity Billing System 1.0. Affected by this issue is some unknown functionality of the file /admin/bill.php. The manipulation of the argument uid results in sql injection. The attack may be launched remotely. The exploit is now…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was determined in CodeAstro Simple Pharmacy Management 1.0. This affects an unknown function of the file /view.php. This manipulation of the argument bar_code causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly…
- risk 0.41cvss 6.3epss 0.00
A vulnerability has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /submitproperty.php. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and…
- risk 0.41cvss 6.3epss 0.00
A flaw has been found in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the file /register.php. Executing manipulation of the argument uimage can lead to unrestricted upload. The attack can be launched remotely. The exploit has been published…
- risk 0.41cvss 6.3epss 0.00
A weakness has been identified in ScriptAndTools Real Estate Management System 1.0. Impacted is an unknown function of the file register.php. This manipulation of the argument uimage causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been…
- risk 0.35cvss 5.4epss 0.00
A vulnerability was found in ScriptAndTools Real Estate Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file userdelete.php of the component User Delete Handler. The manipulation of the argument ID leads to authorization…
- risk 0.34cvss 5.3epss 0.00
A security vulnerability has been detected in CodeAstro Food Ordering System 1.0. This affects an unknown function of the file food_ordering.exe. Such manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit has…
- risk 0.33cvss 5.1epss 0.00
Real Estate Management System v1.0 was discovered to contain a SQL injection vulnerability via the message parameter at /contact.php.
- risk 0.31cvss 4.7epss 0.00
A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of…
- risk 0.31cvss 4.7epss 0.00
A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /admin/userdelete.php of the component Administrator Endpoint. Such manipulation of the argument ID leads to sql injection. The attack may be…
- risk 0.31cvss 4.7epss 0.00
A weakness has been identified in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the file /admin/stateadd.php of the component Administrator Endpoint. This manipulation causes sql injection. The attack may be initiated remotely. The exploit has…
- risk 0.31cvss 4.7epss 0.00
A security flaw has been discovered in CodeAstro Real Estate Management System 1.0. This affects an unknown function of the file /admin/userbuilderdelete.php of the component Administrator Endpoint. The manipulation results in sql injection. The attack can be launched remotely.…
- risk 0.31cvss 4.7epss 0.00
A vulnerability was identified in CodeAstro Real Estate Management System 1.0. The impacted element is an unknown function of the file /admin/useragentdelete.php of the component Administrator Endpoint. The manipulation leads to sql injection. The attack can be initiated…
- risk 0.31cvss 4.7epss 0.00
A vulnerability was determined in CodeAstro Gym Management System 1.0. This affects an unknown part of the file /admin/view-progress-report.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been…
- risk 0.31cvss 4.7epss 0.00
A vulnerability was found in CodeAstro Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/update-progress.php. Performing a manipulation of the argument id/ini_weight results in sql injection. The attack may be initiated remotely.…
- risk 0.28cvss 4.3epss 0.00
A weakness has been identified in winston-dsouza Ecommerce-Website up to 87734c043269baac0b4cfe9664784462138b1b2e. Affected by this issue is some unknown functionality of the file /includes/header_menu.php of the component GET Parameter Handler. Executing manipulation of the…
- risk 0.28cvss 4.3epss 0.00
A flaw has been found in Fabian Ros/SourceCodester Simple E-Banking System 1.0. This affects an unknown part. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been published and may be used.
- risk 0.28cvss 4.3epss 0.00
A vulnerability was determined in code-projects Simple E-Banking System 1.0. This affects an unknown part of the file /eBank/register.php. Executing manipulation of the argument Username can lead to cross site scripting. The attack may be launched remotely. The exploit has been…
- risk 0.28cvss 4.3epss 0.00
A vulnerability classified as problematic has been found in CodeAstro Online Movie Ticket Booking System 1.0. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the…
- risk 0.28cvss 4.3epss 0.00
A vulnerability, which was classified as problematic, was found in CodeAstro Patient Record Management System 1.0. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed…
- risk 0.28cvss 4.3epss 0.00
A vulnerability was found in CodeAstro Expense Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely.
- risk 0.23cvss 3.5epss 0.00
A security flaw has been discovered in CodeAstro Human Resource Management System 1.0. This affects an unknown part of the file /Projects/Add_Projects of the component Projects Management Page. The manipulation of the argument protitle results in cross site scripting. The attack…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Affected by this issue is some unknown functionality of the file /dashboard/add_tod of the component Dashboard Interface. The manipulation of the argument todo_data leads to cross site scripting.…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was detected in CodeAstro Real Estate Management System 1.0. This affects an unknown function of the file /feature.php. Performing manipulation of the argument msg results in cross site scripting. The attack can be initiated remotely. The exploit is now public…
- risk 0.23cvss 3.5epss 0.00
A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. The impacted element is an unknown function of the file /propertyview.php. Such manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /customer/my_account.php?edit_account of the component Edit Your Account Page. Performing manipulation of the argument Username results in cross site scripting. It is…
- risk 0.23cvss 3.5epss 0.00
A vulnerability classified as problematic was found in CodeAstro Simple Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /doctor.html of the component POST Parameter Handler. The manipulation of the argument First Name/Last…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was found in CodeAstro Simple Hospital Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /patient.html of the component POST Parameter Handler. The manipulation leads to cross site scripting. The…
- risk 0.16cvss 2.4epss 0.00
A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Impacted is an unknown function of the file /notice/All_notice of the component Notice Board Management. Such manipulation of the argument Notice Title with the input <svg onload="alert('Stored XSS…
- risk 0.16cvss 2.4epss 0.00
A vulnerability was found in CodeAstro Patient Record Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the component Generate New Report Page. The manipulation of the argument Patient Name/Name leads to cross site scripting.…
- risk 0.16cvss 2.4epss 0.00
A vulnerability, which was classified as problematic, was found in CodeAstro Food Ordering System 1.0. Affected is an unknown function of the file /admin/store/edit/ of the component POST Request Parameter Handler. The manipulation of the argument Restaurant Name/Address leads…
- CVE-2024-25869Feb 28, 2024risk 0.04cvss —epss 0.19
An Unrestricted File Upload vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary code via upload of a crafted php file in the settings.php component.
- CVE-2024-7815Aug 15, 2024risk 0.03cvss —epss 0.01
A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/admin-update-employee.php of the component Update Employee Page. The manipulation of the…
- CVE-2025-70150Feb 18, 2026risk 0.00cvss —epss 0.01
CodeAstro Membership Management System 1.0 contains a missing authentication vulnerability in delete_members.php that allows unauthenticated attackers to delete arbitrary member records via the id parameter.
- CVE-2025-70149Feb 18, 2026risk 0.00cvss —epss 0.00
CodeAstro Membership Management System 1.0 is vulnerable to SQL Injection in print_membership_card.php via the ID parameter.
- CVE-2025-70148Feb 18, 2026risk 0.00cvss —epss 0.00
Missing authentication and authorization in print_membership_card.php in CodeAstro Membership Management System 1.0 allows unauthenticated attackers to access membership card data of arbitrary users via direct requests with a manipulated id parameter, resulting in insecure…
- CVE-2024-44652Nov 17, 2025risk 0.00cvss —epss 0.00
Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the user_email, username, user_firstname, user_lastname, and user_address parameters in user_register.php.
- CVE-2024-44653Nov 17, 2025risk 0.00cvss —epss 0.00
Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the user_email parameter in user_login.php.
- CVE-2024-44651Nov 17, 2025risk 0.00cvss —epss 0.00
Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the recover_email parameter in user_password_recover.php.
- CVE-2025-5611Jun 4, 2025risk 0.00cvss —epss 0.00
A vulnerability, which was classified as critical, was found in CodeAstro Real Estate Management System 1.0. This affects an unknown part of the file /submitpropertyupdate.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack…
- CVE-2025-5610Jun 4, 2025risk 0.00cvss —epss 0.00
A vulnerability, which was classified as critical, has been found in CodeAstro Real Estate Management System 1.0. Affected by this issue is some unknown functionality of the file /submitpropertydelete.php. The manipulation of the argument ID leads to sql injection. The attack…
- CVE-2025-5583Jun 4, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as critical has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /register.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed…
- CVE-2025-5582Jun 4, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument content leads to sql injection. The attack may be initiated remotely.…
- CVE-2025-5581Jun 4, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument User leads to sql injection. The attack can be initiated remotely.…
- CVE-2025-5580Jun 4, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been classified as critical. This affects an unknown part of the file /login.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The…
- CVE-2025-5128May 24, 2025risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, was found in ScriptAndTools Real-Estate-website-in-PHP 1.0. Affected is an unknown function of the file /admin/ of the component Admin Login Panel. The manipulation of the argument Password leads to sql injection. It is possible…
- CVE-2025-4811May 16, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in CodeAstro Pharmacy Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack…
- CVE-2025-4067Apr 29, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as critical has been found in ScriptAndTools Online-Travling-System 1.0. Affected is an unknown function of the file /admin/viewpackage.php. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit…
- CVE-2025-4066Apr 29, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/addpackage.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The…
- CVE-2025-4065Apr 29, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/addadvertisement.php. The manipulation leads to improper access controls. The attack can be initiated remotely.…
Page 2 of 5