Filtered by vendor Code-projects Subscriptions
Total 168 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-46019 1 Code-projects 1 Blood Bank 2024-09-03 6.1 Medium
Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter.
CVE-2023-46020 1 Code-projects 1 Blood Bank 2024-09-03 6.1 Medium
Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters.
CVE-2023-46582 1 Code-projects 1 Inventory Management 2024-09-03 7.8 High
SQL injection vulnerability in Inventory Management v.1.0 allows a local attacker to execute arbitrary SQL commands via the id paramter in the deleteProduct.php component.
CVE-2023-46580 1 Code-projects 1 Inventory Management 2024-09-03 5.4 Medium
Cross-Site Scripting (XSS) vulnerability in Inventory Management V1.0 allows attackers to execute arbitrary code via the pname parameter of the editProduct.php component.
CVE-2023-46581 1 Code-projects 1 Inventory Management 2024-09-03 5.5 Medium
SQL injection vulnerability in Inventory Management v.1.0 allows a local attacker to execute arbitrary code via the name, uname and email parameters in the registration.php component.
CVE-2023-46022 1 Code-projects 1 Blood Bank 2024-09-03 7.8 High
SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter.
CVE-2023-46023 1 Code-projects 1 Simple Task List 2024-09-03 6.5 Medium
SQL injection vulnerability in addTask.php in Code-Projects Simple Task List 1.0 allows attackers to obtain sensitive information via the 'status' parameter.
CVE-2024-8218 2 Code-projects, Fabianros 2 Online Quiz Site, Online Quiz Site 2024-08-29 7.3 High
A vulnerability was found in code-projects Online Quiz Site 1.0 and classified as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument loginid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-0468 1 Code-projects 1 Fighting Cock Information System 2024-08-27 6.3 Medium
A vulnerability has been found in code-projects Fighting Cock Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/action/new-father.php. The manipulation of the argument image leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250573 was assigned to this vulnerability.
CVE-2024-0488 1 Code-projects 1 Fighting Cock Information System 2024-08-27 6.3 Medium
A vulnerability was found in code-projects Fighting Cock Information System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/action/new-feed.php. The manipulation of the argument type_feed leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250593 was assigned to this vulnerability.
CVE-2024-25308 1 Code-projects 1 Simple School Management System 2024-08-27 8.8 High
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'name' parameter at School/teacher_login.php.
CVE-2024-8138 2 Code-projects, Pharmacy Management System Project 2 Pharmacy Management System, Pharmacy Management System 2024-08-27 6.3 Medium
A vulnerability, which was classified as critical, was found in code-projects Pharmacy Management System 1.0. Affected is the function editManager of the file /index.php?action=editManager of the component Parameter Handler. The manipulation of the argument id as part of String leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
CVE-2024-8174 2 Blood Bank System Project, Code-projects 2 Blood Bank System, Blood Bank System 2024-08-27 4.3 Medium
A vulnerability has been found in code-projects Blood Bank System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login.php of the component Login Page. The manipulation of the argument user leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-25313 1 Code-projects 1 Simple School Management System 2024-08-26 8.8 High
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacher_login.php.
CVE-2024-8167 2 Code-projects, Fabianros 2 Job Portal, Job Portal 2024-08-26 7.3 High
A vulnerability was found in code-projects Job Portal 1.0. It has been classified as critical. Affected is an unknown function of the file /forget.php. The manipulation of the argument email/mobile leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-8168 2 Code-projects, Fabianros 2 Online Bus Reservation Site, Online Bus Reservation Site 2024-08-26 7.3 High
A vulnerability was found in code-projects Online Bus Reservation Site 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-8169 2 Code-projects, Fabianros 2 Online Quiz Site, Online Quiz Site 2024-08-26 7.3 High
A vulnerability was found in code-projects Online Quiz Site 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file signupuser.php. The manipulation of the argument lid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-7808 2 Code-projects, Fabianros 2 Job Portal, Job Portal 2024-08-19 7.3 High
A vulnerability was found in code-projects Job Portal 1.0. It has been classified as critical. Affected is an unknown function of the file logindbc.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-25306 1 Code-projects 1 Simple School Management System 2024-08-19 8.8 High
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php".
CVE-2024-0484 1 Code-projects 1 Fighting Cock Information System 2024-08-19 6.3 Medium
A vulnerability, which was classified as critical, has been found in code-projects Fighting Cock Information System 1.0. This issue affects some unknown processing of the file admin/action/update_mother.php. The manipulation of the argument age_mother leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250589 was assigned to this vulnerability.