Vulnerabilities (CVE)

Filtered by vendor Code-projects Subscribe
Total 116 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-25304 1 Code-projects 1 Simple School Management System 2024-02-28 N/A 8.8 HIGH
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'apass' parameter at "School/index.php."
CVE-2024-25312 1 Code-projects 1 Simple School Management System 2024-02-28 N/A 8.8 HIGH
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/sub_delete.php?id=5."
CVE-2024-25309 1 Code-projects 1 Simple School Management System 2024-02-28 N/A 8.8 HIGH
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'pass' parameter at School/teacher_login.php.
CVE-2023-46580 1 Code-projects 1 Inventory Management 2024-02-28 N/A 5.4 MEDIUM
Cross-Site Scripting (XSS) vulnerability in Inventory Management V1.0 allows attackers to execute arbitrary code via the pname parameter of the editProduct.php component.
CVE-2023-46023 1 Code-projects 1 Simple Task List 2024-02-28 N/A 6.5 MEDIUM
SQL injection vulnerability in addTask.php in Code-Projects Simple Task List 1.0 allows attackers to obtain sensitive information via the 'status' parameter.
CVE-2023-46582 1 Code-projects 1 Inventory Management 2024-02-28 N/A 7.8 HIGH
SQL injection vulnerability in Inventory Management v.1.0 allows a local attacker to execute arbitrary SQL commands via the id paramter in the deleteProduct.php component.
CVE-2024-25307 1 Code-projects 1 Cinema Seat Reservation System 2024-02-28 N/A 9.8 CRITICAL
Code-projects Cinema Seat Reservation System 1.0 allows SQL Injection via the 'id' parameter at "/Cinema-Reservation/booking.php?id=1."
CVE-2023-46017 1 Code-projects 1 Blood Bank 2024-02-28 N/A 5.5 MEDIUM
SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters.
CVE-2024-25310 1 Code-projects 1 Simple School Management System 2024-02-28 N/A 8.8 HIGH
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/delete.php?id=5."
CVE-2023-46016 1 Code-projects 1 Blood Bank 2024-02-28 N/A 6.1 MEDIUM
Cross Site Scripting (XSS) in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL.
CVE-2023-46019 1 Code-projects 1 Blood Bank 2024-02-28 N/A 6.1 MEDIUM
Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter.
CVE-2023-46015 1 Code-projects 1 Blood Bank 2024-02-28 N/A 6.1 MEDIUM
Cross Site Scripting (XSS) vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL.
CVE-2023-46018 1 Code-projects 1 Blood Bank 2024-02-28 N/A 5.5 MEDIUM
SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to run arbitrary SQL commands via 'remail' parameter.
CVE-2023-46021 1 Code-projects 1 Blood Bank 2024-02-28 N/A 5.5 MEDIUM
SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary commands via the 'reqid' parameter.
CVE-2024-25305 1 Code-projects 1 Simple School Management System 2024-02-28 N/A 8.8 HIGH
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/index.php.
CVE-2023-37627 1 Code-projects 1 Online Restaurant Management System 2024-02-28 N/A 9.8 CRITICAL
Code-projects Online Restaurant Management System 1.0 is vulnerable to SQL Injection. Through SQL injection, an attacker can bypass the admin panel and view order records, add items, delete items etc.