Filtered by vendor Code-projects
Subscribe
Total
404 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-8762 | 1 Code-projects | 1 Crud Operation System | 2024-09-14 | N/A | 9.8 CRITICAL |
| A vulnerability was found in code-projects Crud Operation System 1.0. It has been classified as critical. This affects an unknown part of the file /updatedata.php. The manipulation of the argument sid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-8710 | 1 Code-projects | 1 Inventory Management | 2024-09-13 | N/A | 8.8 HIGH |
| A vulnerability classified as critical was found in code-projects Inventory Management 1.0. Affected by this vulnerability is an unknown functionality of the file /model/viewProduct.php of the component Products Table Page. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-8605 | 1 Code-projects | 1 Inventory Management | 2024-09-13 | N/A | 5.4 MEDIUM |
| A vulnerability classified as problematic was found in code-projects Inventory Management 1.0. This vulnerability affects unknown code of the file /view/registration.php of the component Registration Form. The manipulation with the input <script>alert(1)</script> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-8366 | 1 Code-projects | 1 Pharmacy Management System | 2024-09-04 | N/A | 4.7 MEDIUM |
| A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?id=userProfileEdit of the component Update My Profile Page. The manipulation of the argument fname/lname/email with the input <script>alert(1)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-25313 | 1 Code-projects | 1 Simple School Management System | 2024-08-26 | N/A | 8.8 HIGH |
| Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacher_login.php. | |||||
| CVE-2024-25306 | 1 Code-projects | 1 Simple School Management System | 2024-08-19 | N/A | 8.8 HIGH |
| Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php". | |||||
| CVE-2024-7636 | 1 Code-projects | 1 Simple Ticket Booking | 2024-08-15 | N/A | 9.8 CRITICAL |
| A vulnerability was found in code-projects Simple Ticket Booking 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file authenticate.php of the component Login. The manipulation of the argument email/password leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-7635 | 1 Code-projects | 1 Simple Ticket Booking | 2024-08-15 | N/A | 9.8 CRITICAL |
| A vulnerability was found in code-projects Simple Ticket Booking 1.0. It has been classified as critical. Affected is an unknown function of the file register_insert.php of the component Registration Handler. The manipulation of the argument name/email/dob/password/Gender/phone leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-48078 | 1 Code-projects | 1 Simple Crud Functionality | 2024-08-14 | N/A | 9.8 CRITICAL |
| SQL Injection vulnerability in add.php in Simple CRUD Functionality v1.0 allows attackers to run arbitrary SQL commands via the 'title' parameter. | |||||
| CVE-2024-6745 | 1 Code-projects | 1 Simple Ticket Booking | 2024-07-19 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in code-projects Simple Ticket Booking 1.0. Affected is an unknown function of the file adminauthenticate.php of the component Login. The manipulation of the argument email/password leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-271476. | |||||
| CVE-2024-6808 | 1 Code-projects | 1 Simple Task List | 2024-07-19 | N/A | 9.8 CRITICAL |
| A vulnerability was found in itsourcecode Simple Task List 1.0. It has been classified as critical. This affects the function insertUserRecord of the file signUp.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-271707. | |||||
| CVE-2023-7126 | 1 Code-projects | 1 Automated Voting System | 2024-05-17 | N/A | 8.8 HIGH |
| A vulnerability classified as critical has been found in code-projects Automated Voting System 1.0. This affects an unknown part of the file /admin/ of the component Admin Login. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-249129 was assigned to this vulnerability. | |||||
| CVE-2024-0466 | 1 Code-projects | 1 Employee Profile Management System | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file file_table.php. The manipulation of the argument per_id leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250571. | |||||
| CVE-2023-7140 | 1 Code-projects | 1 Client Details System | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability was found in code-projects Client Details System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/manage-users.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249143. | |||||
| CVE-2023-7142 | 1 Code-projects | 1 Client Details System | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability was found in code-projects Client Details System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/clientview.php. The manipulation of the argument ID leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-249145 was assigned to this vulnerability. | |||||
| CVE-2024-0473 | 1 Code-projects | 1 Dormitory Management System | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in code-projects Dormitory Management System 1.0. Affected is an unknown function of the file comment.php. The manipulation of the argument com leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-250578 is the identifier assigned to this vulnerability. | |||||
| CVE-2024-0487 | 1 Code-projects | 1 Fighting Cock Information System | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability was found in code-projects Fighting Cock Information System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/action/delete-vaccine.php. The manipulation of the argument ref leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250592. | |||||
| CVE-2024-0359 | 1 Code-projects | 1 Simple Online Hotel Reservation System | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-250126 is the identifier assigned to this vulnerability. | |||||
| CVE-2024-0477 | 1 Code-projects | 1 Fighting Cock Information System | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in code-projects Fighting Cock Information System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/action/update-deworm.php. The manipulation of the argument usage_deworm leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-250582 is the identifier assigned to this vulnerability. | |||||
| CVE-2024-0469 | 1 Code-projects | 1 Human Resource Integrated System | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability was found in code-projects Human Resource Integrated System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file update_personal_info.php. The manipulation of the argument sex leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-250574 is the identifier assigned to this vulnerability. | |||||