Code Projects

Products by Code Projects Sorted by Most Security Vulnerabilities since 2018

Code Projects Library System: 15 vulnerabilities

Code Projects Blood Bank: 9 vulnerabilities

Code Projects Chat System: 7 vulnerabilities

Code Projects Voting System: 2 vulnerabilities

Code Projects Farmacia: 2 vulnerabilities

Code Projects Modern Bag: 1 vulnerability

By the Year

In 2025 there have been 168 vulnerabilities in Code Projects products, with an average score of 8.5 out of ten. Last year, in 2024, Code Projects had 157 security vulnerabilities published. That is, 11 more vulnerabilities have already been reported in 2025 than last year. The average CVE base score of the vulnerabilities in 2025 is also greater, by 0.04.




Year    Vulnerabilities    Average Score
2025    168                8.52
2024    157                8.47
2023    35                 7.40
2022    1                  9.80
2021    0                  0.00
2020    0                  0.00
2019    0                  0.00
2018    0                  0.00

It may take a day or so for new Code Projects vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Code Projects Security Vulnerabilities

A vulnerability, which was classified as critical, has been found in code-projects Library System 1.0

CVE-2025-7199 9.8 - Critical - July 08, 2025

A vulnerability, which was classified as critical, has been found in code-projects Library System 1.0. This issue affects some unknown processing of the file /notapprove.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability has been found in code-projects Student Enrollment System 1.0 and classified as critical

CVE-2025-7191 9.8 - Critical - July 08, 2025

A vulnerability has been found in code-projects Student Enrollment System 1.0 and classified as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Library System 1.0

CVE-2025-7184 9.8 - Critical - July 08, 2025

A vulnerability was found in code-projects Library System 1.0. It has been classified as critical. This affects an unknown part of the file /user/teacher/books.php. The manipulation of the argument Search leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Library System 1.0

CVE-2025-7185 9.8 - Critical - July 08, 2025

A vulnerability was found in code-projects Library System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /approve.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability classified as critical was found in code-projects Library System 1.0

CVE-2025-7179 9.8 - Critical - July 08, 2025

A vulnerability classified as critical was found in code-projects Library System 1.0. This vulnerability affects unknown code of the file /add-teacher.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Library System 1.0 and classified as critical

CVE-2025-7174 9.8 - Critical - July 08, 2025

A vulnerability was found in code-projects Library System 1.0 and classified as critical. This issue affects some unknown processing of the file /teacher-issue-book.php. The manipulation of the argument idn leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability, which was classified as critical, was found in code-projects Crime Reporting System 1.0

CVE-2025-7172 9.8 - Critical - July 08, 2025

A vulnerability, which was classified as critical, was found in code-projects Crime Reporting System 1.0. This affects an unknown part of the file /headlogin.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability has been found in code-projects Library System 1.0 and classified as critical

CVE-2025-7173 9.8 - Critical - July 08, 2025

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-student.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability classified as critical was found in code-projects Crime Reporting System 1.0

CVE-2025-7170 9.8 - Critical - July 08, 2025

A vulnerability classified as critical was found in code-projects Crime Reporting System 1.0. Affected by this vulnerability is an unknown functionality of the file /registration.php. The manipulation of the argument Name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability, which was classified as critical, has been found in code-projects Crime Reporting System 1.0

CVE-2025-7171 9.8 - Critical - July 08, 2025

A vulnerability, which was classified as critical, has been found in code-projects Crime Reporting System 1.0. Affected by this issue is some unknown functionality of the file /policelogin.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Crime Reporting System 1.0

CVE-2025-7168 9.8 - Critical - July 08, 2025

A vulnerability was found in code-projects Crime Reporting System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /userlogin.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability classified as critical has been found in code-projects Crime Reporting System 1.0

CVE-2025-7169 9.8 - Critical - July 08, 2025

A vulnerability classified as critical has been found in code-projects Crime Reporting System 1.0. Affected is an unknown function of the file /complainer_page.php. The manipulation of the argument location leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical

CVE-2025-6901 9.8 - Critical - June 30, 2025

A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /php_action/removeUser.php. The manipulation of the argument userid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Inventory Management System 1.0

CVE-2025-6902 9.8 - Critical - June 30, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /php_action/editUser.php. The manipulation of the argument edituserName leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

SQL injection vulnerability in Daily Expense Manager v1.0

CVE-2025-40731 9.8 - Critical - June 30, 2025

SQL injection vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to retrieve, create, update and delete databases through the pname, pprice and id parameters in /update.php.

SQL Injection

User enumeration vulnerability in Daily Expense Manager v1.0

CVE-2025-40732 7.5 - High - June 30, 2025

User enumeration vulnerability in Daily Expense Manager v1.0. To exploit this vulnerability a POST request must be sent using the name parameter in /check.php.

Side Channel Attack

Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0

CVE-2025-40733 6.1 - Medium - June 30, 2025

Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the username parameter in /login.php.

XSS

Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0

CVE-2025-40734 6.1 - Medium - June 30, 2025

Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the password and confirm_password parameters in /register.php.

XSS

A vulnerability has been found in code-projects Library System 1.0 and classified as critical

CVE-2025-6900 9.8 - Critical - June 30, 2025

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-book.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Unrestricted File Upload

A vulnerability classified as critical has been found in code-projects Inventory Management System 1.0

CVE-2025-6891 9.8 - Critical - June 30, 2025

A vulnerability classified as critical has been found in code-projects Inventory Management System 1.0. Affected is an unknown function of the file /php_action/createUser.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability classified as critical was found in code-projects Library System 1.0

CVE-2025-6837 9.8 - Critical - June 29, 2025

A vulnerability classified as critical was found in code-projects Library System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument image leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Unrestricted File Upload

A vulnerability classified as critical has been found in code-projects Library System 1.0

CVE-2025-6836 9.8 - Critical - June 29, 2025

A vulnerability classified as critical has been found in code-projects Library System 1.0. Affected is an unknown function of the file /profile.php. The manipulation of the argument phone leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

SQL Injection

A vulnerability was found in code-projects Inventory Management System 1.0

CVE-2025-6834 9.8 - Critical - June 29, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /php_action/editPayment.php. The manipulation of the argument orderId leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Library System 1.0

CVE-2025-6835 9.8 - Critical - June 29, 2025

A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student-issue-book.php. The manipulation of the argument reg leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical

CVE-2025-6828 9.8 - Critical - June 28, 2025

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /orders.php. The manipulation of the argument i leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability, which was classified as critical, was found in code-projects Inventory Management System 1.0

CVE-2025-6827 9.8 - Critical - June 28, 2025

A vulnerability, which was classified as critical, was found in code-projects Inventory Management System 1.0. This affects an unknown part of the file /php_action/editOrder.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Inventory Management System 1.0

CVE-2025-6823 9.8 - Critical - June 28, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /php_action/editProduct.php. The manipulation of the argument editProductName leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Inventory Management System 1.0

CVE-2025-6822 9.8 - Critical - June 28, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /php_action/removeProduct.php. The manipulation of the argument productId leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical

CVE-2025-6820 9.8 - Critical - June 28, 2025

A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /php_action/createProduct.php. The manipulation of the argument productName leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Inventory Management System 1.0

CVE-2025-6821 9.8 - Critical - June 28, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /php_action/createOrder.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical

CVE-2025-6819 9.8 - Critical - June 28, 2025

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /php_action/removeBrand.php. The manipulation of the argument brandId leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Inventory Management System 1.0

CVE-2025-6668 9.8 - Critical - June 25, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /php_action/fetchSelectedBrand.php. The manipulation of the argument brandId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical

CVE-2025-6665 9.8 - Critical - June 25, 2025

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /php_action/editBrand.php. The manipulation of the argument editBrandStatus leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Inventory Management System 1.0

CVE-2025-6611 9.8 - Critical - June 25, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /php_action/createBrand.php. The manipulation of the argument brandStatus leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Inventory Management System 1.0

CVE-2025-6612 9.8 - Critical - June 25, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /php_action/removeCategories.php. The manipulation of the argument categoriesId leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical

CVE-2025-6502 9.8 - Critical - June 23, 2025

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /php_action/changePassword.php. The manipulation of the argument user_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical

CVE-2025-6503 9.8 - Critical - June 23, 2025

A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /php_action/fetchSelectedCategories.php. The manipulation of the argument categoriesId leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability, which was classified as critical, has been found in code-projects Inventory Management System 1.0

CVE-2025-6500 9.8 - Critical - June 23, 2025

A vulnerability, which was classified as critical, has been found in code-projects Inventory Management System 1.0. Affected by this issue is some unknown functionality of the file /php_action/editCategories.php. The manipulation of the argument editCategoriesName leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability, which was classified as critical, was found in code-projects Inventory Management System 1.0

CVE-2025-6501 9.8 - Critical - June 23, 2025

A vulnerability, which was classified as critical, was found in code-projects Inventory Management System 1.0. This affects an unknown part of the file /php_action/createCategories.php. The manipulation of the argument categoriesStatus leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical

CVE-2025-6474 9.8 - Critical - June 22, 2025

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /changeUsername.php. The manipulation of the argument user_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability, which was classified as critical, has been found in code-projects Client Details System 1.0

CVE-2025-6446 9.8 - Critical - June 21, 2025

A vulnerability, which was classified as critical, has been found in code-projects Client Details System 1.0. This issue affects some unknown processing of the file /clientdetails/admin/index.php. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability, which was classified as critical, has been found in code-projects Online Shoe Store 1.0

CVE-2025-6354 9.8 - Critical - June 20, 2025

A vulnerability, which was classified as critical, has been found in code-projects Online Shoe Store 1.0. Affected by this issue is some unknown functionality of the file /function/customer_signup.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability classified as problematic has been found in code-projects Automated Voting System 1.0

CVE-2025-6352 9.1 - Critical - June 20, 2025

A vulnerability classified as problematic has been found in code-projects Automated Voting System 1.0. Affected is an unknown function of the file /vote.php of the component Backend. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Forced Browsing

A vulnerability has been found in code-projects Online Shoe Store 1.0 and classified as critical

CVE-2025-6344 9.8 - Critical - June 20, 2025

A vulnerability has been found in code-projects Online Shoe Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /contactus.php. The manipulation of the argument email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability, which was classified as critical, has been found in code-projects Online Shoe Store 1.0

CVE-2025-6342 9.8 - Critical - June 20, 2025

A vulnerability, which was classified as critical, has been found in code-projects Online Shoe Store 1.0. This issue affects some unknown processing of the file /admin/admin_football.php. The manipulation of the argument pid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability, which was classified as critical, was found in code-projects Online Shoe Store 1.0

CVE-2025-6343 9.8 - Critical - June 20, 2025

A vulnerability, which was classified as critical, was found in code-projects Online Shoe Store 1.0. Affected is an unknown function of the file /admin/admin_product.php. The manipulation of the argument pid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability classified as critical has been found in code-projects Online Shoe Store 1.0

CVE-2025-6317 9.8 - Critical - June 20, 2025

A vulnerability classified as critical has been found in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /admin/confirm.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Online Shoe Store 1.0

CVE-2025-6315 9.8 - Critical - June 20, 2025

A vulnerability was found in code-projects Online Shoe Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /cart2.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Online Shoe Store 1.0

CVE-2025-6316 9.8 - Critical - June 20, 2025

A vulnerability was found in code-projects Online Shoe Store 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/admin_running.php. The manipulation of the argument qty leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Online Shoe Store 1.0

CVE-2025-6307 9.8 - Critical - June 20, 2025

A vulnerability was found in code-projects Online Shoe Store 1.0. It has been rated as critical. This issue affects some unknown processing of the file /function/edit_customer.php. The manipulation of the argument firstname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

SQL Injection

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD).