VYPR

Vendor CVEs

Codezips

All CVEs

99 total · sorted by risk
  • CVE-2026-30576HigMar 27, 2026
    risk 0.49cvss 7.5epss 0.00

    A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtprice" and "txttotalcost" parameters during stock entry, allowing negative financial values to be submitted. This…

  • CVE-2026-30575HigMar 27, 2026
    risk 0.49cvss 7.5epss 0.00

    A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtqty" parameter during stock entry, allowing negative values to be processed. This causes the system to decrease the…

  • CVE-2026-30574HigMar 27, 2026
    risk 0.49cvss 7.5epss 0.00

    A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-sales.php file. The application fails to verify if the requested sales quantity (txtqty) exceeds the available stock level. An attacker can manipulate the request to…

  • CVE-2025-12288MedOct 27, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was detected in Bdtask Pharmacy Management System up to 9.4. Affected is an unknown function of the file /user/edit_user/ of the component User Profile Handler. Performing manipulation results in authorization bypass. Remote exploitation of the attack is…

  • CVE-2024-12955Dec 26, 2024
    risk 0.03cvss epss 0.01

    A vulnerability has been found in PHPGurukul Blood Bank & Donor Management System 2.4 and classified as problematic. This vulnerability affects unknown code of the file /logout.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The…

  • CVE-2024-10140Oct 19, 2024
    risk 0.02cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in code-projects Pharmacy Management System 1.0. Affected by this issue is some unknown functionality of the file /manage_supplier.php. The manipulation of the argument id leads to sql injection. The attack may be…

  • CVE-2025-4888May 18, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as critical, was found in code-projects Pharmacy Management System 1.0. This affects the function medicineType::take_order of the component Add Order Details. The manipulation leads to buffer overflow. An attack has to be approached locally.…

  • CVE-2025-29208Apr 1, 2025
    risk 0.00cvss epss 0.00

    CodeZips Gym Management System v1.0 is vulnerable to SQL injection in the name parameter within /dashboard/admin/deleteroutine.php.

  • CVE-2025-2847Mar 27, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. This issue affects some unknown processing of the file /dashboard/admin/over_month.php. The manipulation of the argument mm leads to sql injection. The attack may be…

  • CVE-2025-1959Mar 4, 2025
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in Codezips Gym Management System 1.0. Affected is an unknown function of the file /change_s_pwd.php. The manipulation of the argument login_id/login_key leads to sql injection. It is possible to launch the attack…

  • CVE-2025-1903Mar 4, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Codezips Online Shopping Website 1.0. It has been rated as critical. This issue affects some unknown processing of the file /cart_add.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit…

  • CVE-2025-1858Mar 3, 2025
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in Codezips Online Shopping Website 1.0. This vulnerability affects unknown code of the file /success.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been…

  • CVE-2025-1856Mar 3, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Codezips Gym Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /dashboard/admin/gen_invoice.php. The manipulation of the argument id leads to sql injection. The attack may be…

  • CVE-2025-1854Mar 3, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/del_member.php. The manipulation of the argument name leads to sql injection. It is possible to launch the attack…

  • CVE-2025-1850Mar 3, 2025
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in Codezips College Management System 1.0. Affected by this issue is some unknown functionality of the file /university.php. The manipulation of the argument book_name leads to sql injection. The attack may be…

  • CVE-2025-1380Feb 17, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /dashboard/admin/del_plan.php. The manipulation of the argument name leads to sql injection. The attack may be launched…

  • CVE-2025-1206Feb 12, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. This affects an unknown part of the file /dashboard/admin/viewdetailroutine.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack…

  • CVE-2025-1188Feb 12, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /dashboard/admin/updateroutine.php. The manipulation of the argument tid leads to sql injection. The attack…

  • CVE-2025-1183Feb 12, 2025
    risk 0.00cvss epss 0.00

    A vulnerability has been found in CodeZips Gym Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard/admin/more-userprofile.php. The manipulation of the argument login_id leads to sql injection. The…

  • CVE-2025-0881Jan 30, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/saveroutine.php. The manipulation of the argument rname leads to sql injection. It is possible to launch the attack…

  • CVE-2025-0880Jan 30, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dashboard/admin/updateplan.php. The manipulation of the argument planid leads to sql injection. The attack may be initiated…

  • CVE-2025-0803Jan 29, 2025
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /dashboard/admin/submit_plan_new.php. The manipulation of the argument planid leads to sql injection. The…

  • CVE-2025-0562Jan 19, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dashboard/admin/health_status_entry.php. The manipulation of the argument usrid leads to sql injection. The attack may be initiated…

  • CVE-2025-0541Jan 17, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dashboard/admin/edit_member.php. The manipulation of the argument name leads to sql injection. The attack may be initiated…

  • CVE-2025-0535Jan 17, 2025
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in Codezips Gym Management System 1.0. This affects an unknown part of the file /dashboard/admin/edit_mem_submit.php. The manipulation of the argument uid leads to sql injection. It is possible to initiate the attack…

  • CVE-2025-0532Jan 17, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/new_submit.php. The manipulation of the argument m_id leads to sql injection. It is possible to launch the attack…

  • CVE-2025-0336Jan 9, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Codezips Project Management System 1.0. It has been classified as critical. This affects an unknown part of the file /pages/forms/teacher.php. The manipulation of the argument name leads to sql injection. It is possible to initiate the attack…

  • CVE-2025-0233Jan 5, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Codezips Project Management System 1.0. It has been classified as critical. This affects an unknown part of the file /pages/forms/course.php. The manipulation of the argument course_name leads to sql injection. It is possible to initiate the attack…

  • CVE-2025-0232Jan 5, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Codezips Blood Bank Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /successadmin.php. The manipulation of the argument psw leads to sql injection. The attack may be launched…

  • CVE-2025-0231Jan 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability has been found in Codezips Gym Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard/admin/submit_payments.php. The manipulation of the argument m_id leads to sql injection. The attack…

  • CVE-2024-13025Dec 29, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Codezips College Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Front-end/faculty.php. The manipulation of the argument book_name/book_author leads to sql injection. It is possible to launch…

  • CVE-2024-13024Dec 29, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Codezips Blood Bank Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /campaign.php. The manipulation of the argument cname leads to sql injection. The attack may be initiated remotely. The…

  • CVE-2024-13007Dec 29, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in Codezips Event Management System 1.0. Affected is an unknown function of the file /contact.php. The manipulation of the argument title leads to sql injection. It is possible to launch the attack remotely. The…

  • CVE-2024-12982Dec 27, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in PHPGurukul Blood Bank & Donor Management System 2.4. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /bbdms/admin/update-contactinfo.php. The manipulation of the argument Address leads to cross site…

  • CVE-2024-12926Dec 25, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in Codezips Project Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/forms/advanced.php. The manipulation of the argument name leads to sql injection. The attack can be launched…

  • CVE-2024-12788Dec 19, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Codezips Technical Discussion Forum 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file signinpost.php. The manipulation of the argument username leads to sql injection. The attack may be launched…

  • CVE-2024-12484Dec 11, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in Codezips Technical Discussion Forum 1.0. This vulnerability affects unknown code of the file /signuppost.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit…

  • CVE-2024-12231Dec 5, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in CodeZips Project Management System 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit…

  • CVE-2024-11661Nov 25, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Codezips Free Exam Hall Seating Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file profile.php of the component Profile Image Handler. The manipulation of the argument image leads to…

  • CVE-2024-11057Nov 10, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in Codezips Hospital Appointment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /removeBranchResult.php. The manipulation of the argument ID/Name leads to sql injection. The attack can…

  • CVE-2024-10995Nov 8, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Codezips Hospital Appointment System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /removeDoctorResult.php. The manipulation of the argument Name leads to sql injection. The attack may be launched…

  • CVE-2024-10994Nov 8, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in Codezips Online Institute Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edit_user.php. The manipulation of the argument image leads to unrestricted upload. The attack…

  • CVE-2024-10993Nov 8, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in Codezips Online Institute Management System 1.0. Affected is an unknown function of the file /manage_website.php. The manipulation of the argument website_image leads to unrestricted upload. It is possible to launch…

  • CVE-2024-10991Nov 8, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in Codezips Hospital Appointment System 1.0. This issue affects some unknown processing of the file /editBranchResult.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated…

  • CVE-2024-10791Nov 4, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in Codezips Hospital Appointment System 1.0. This issue affects some unknown processing of the file /doctorAction.php. The manipulation of the argument Name leads to sql injection. The attack may be initiated…

  • CVE-2024-10766Nov 4, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in Codezips Free Exam Hall Seating Management System 1.0. This issue affects some unknown processing of the file /pages/save_user.php. The manipulation of the argument image leads to unrestricted upload. The…

  • CVE-2024-10765Nov 4, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in Codezips Online Institute Management System up to 1.0. This vulnerability affects unknown code of the file /profile.php. The manipulation of the argument old_image leads to unrestricted upload. The attack can be initiated…

  • CVE-2024-10764Nov 4, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in Codezips Online Institute Management System 1.0. This affects an unknown part of the file /pages/save_user.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack…

  • CVE-2024-10752Nov 4, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been classified as critical. This affects an unknown part of the file /productsadd.php. The manipulation of the argument id/name leads to sql injection. It is possible to initiate the attack remotely.…

  • CVE-2024-10751Nov 4, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Codezips ISP Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file pay.php. The manipulation of the argument customer leads to sql injection. The attack may be launched remotely. The…

Page 1 of 2