Code Projects


Products by Code Projects Sorted by Most Security Vulnerabilities since 2018

Code Projects Blood Bank: 9 vulnerabilities

Code Projects Chat System: 7 vulnerabilities

Code Projects Library System: 5 vulnerabilities

Code Projects Farmacia: 2 vulnerabilities

Code Projects Voting System: 2 vulnerabilities

Code Projects Modern Bag: 1 vulnerability

By the Year

In 2025 there have been 136 vulnerabilities in Code Projects with an average score of 8.3 out of ten. Last year, in 2024, Code Projects had 157 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, the number of security vulnerabilities in Code Projects in 2025 could surpass last year's number. Last year, the average CVE base score was greater by 0.21.




Year Vulnerabilities Average Score
2025 136 8.27
2024 157 8.47
2023 35 7.40
2022 1 9.80
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Code Projects vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Code Projects Security Vulnerabilities

A vulnerability was found in code-projects Inventory Management System 1.0

CVE-2025-6668 9.8 - Critical - June 25, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /php_action/fetchSelectedBrand.php. The manipulation of the argument brandId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical

CVE-2025-6665 9.8 - Critical - June 25, 2025

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /php_action/editBrand.php. The manipulation of the argument editBrandStatus leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Inventory Management System 1.0

CVE-2025-6611 9.8 - Critical - June 25, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /php_action/createBrand.php. The manipulation of the argument brandStatus leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Inventory Management System 1.0

CVE-2025-6612 9.8 - Critical - June 25, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /php_action/removeCategories.php. The manipulation of the argument categoriesId leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical

CVE-2025-6502 9.8 - Critical - June 23, 2025

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /php_action/changePassword.php. The manipulation of the argument user_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical

CVE-2025-6503 9.8 - Critical - June 23, 2025

A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /php_action/fetchSelectedCategories.php. The manipulation of the argument categoriesId leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability, which was classified as critical, has been found in code-projects Inventory Management System 1.0

CVE-2025-6500 9.8 - Critical - June 23, 2025

A vulnerability, which was classified as critical, has been found in code-projects Inventory Management System 1.0. Affected by this issue is some unknown functionality of the file /php_action/editCategories.php. The manipulation of the argument editCategoriesName leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability, which was classified as critical, was found in code-projects Inventory Management System 1.0

CVE-2025-6501 9.8 - Critical - June 23, 2025

A vulnerability, which was classified as critical, was found in code-projects Inventory Management System 1.0. This affects an unknown part of the file /php_action/createCategories.php. The manipulation of the argument categoriesStatus leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical

CVE-2025-6474 9.8 - Critical - June 22, 2025

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /changeUsername.php. The manipulation of the argument user_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability, which was classified as critical, has been found in code-projects Online Shoe Store 1.0

CVE-2025-6354 9.8 - Critical - June 20, 2025

A vulnerability, which was classified as critical, has been found in code-projects Online Shoe Store 1.0. Affected by this issue is some unknown functionality of the file /function/customer_signup.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability classified as problematic has been found in code-projects Automated Voting System 1.0

CVE-2025-6352 9.1 - Critical - June 20, 2025

A vulnerability classified as problematic has been found in code-projects Automated Voting System 1.0. Affected is an unknown function of the file /vote.php of the component Backend. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

forced browsing

A vulnerability, which was classified as critical, has been found in code-projects Online Shoe Store 1.0

CVE-2025-6342 9.8 - Critical - June 20, 2025

A vulnerability, which was classified as critical, has been found in code-projects Online Shoe Store 1.0. This issue affects some unknown processing of the file /admin/admin_football.php. The manipulation of the argument pid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability, which was classified as critical, was found in code-projects Online Shoe Store 1.0

CVE-2025-6343 9.8 - Critical - June 20, 2025

A vulnerability, which was classified as critical, was found in code-projects Online Shoe Store 1.0. Affected is an unknown function of the file /admin/admin_product.php. The manipulation of the argument pid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability has been found in code-projects Online Shoe Store 1.0 and classified as critical

CVE-2025-6344 9.8 - Critical - June 20, 2025

A vulnerability has been found in code-projects Online Shoe Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /contactus.php. The manipulation of the argument email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability classified as critical has been found in code-projects Online Shoe Store 1.0

CVE-2025-6317 9.8 - Critical - June 20, 2025

A vulnerability classified as critical has been found in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /admin/confirm.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Online Shoe Store 1.0

CVE-2025-6315 9.8 - Critical - June 20, 2025

A vulnerability was found in code-projects Online Shoe Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /cart2.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Online Shoe Store 1.0

CVE-2025-6316 9.8 - Critical - June 20, 2025

A vulnerability was found in code-projects Online Shoe Store 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/admin_running.php. The manipulation of the argument qty leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Online Shoe Store 1.0

CVE-2025-6307 9.8 - Critical - June 20, 2025

A vulnerability was found in code-projects Online Shoe Store 1.0. It has been rated as critical. This issue affects some unknown processing of the file /function/edit_customer.php. The manipulation of the argument firstname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

SQL Injection

A vulnerability was found in code-projects Online Shoe Store 1.0 and classified as critical

CVE-2025-6304 9.8 - Critical - June 20, 2025

A vulnerability was found in code-projects Online Shoe Store 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /cart.php. The manipulation of the argument qty[] leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Online Shoe Store 1.0

CVE-2025-6305 9.8 - Critical - June 20, 2025

A vulnerability was found in code-projects Online Shoe Store 1.0. It has been classified as critical. This affects an unknown part of the file /admin/admin_feature.php. The manipulation of the argument product_code leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Online Shoe Store 1.0

CVE-2025-6306 9.8 - Critical - June 20, 2025

A vulnerability was found in code-projects Online Shoe Store 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/admin_index.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability has been found in code-projects Online Shoe Store 1.0 and classified as critical

CVE-2025-6303 9.8 - Critical - June 20, 2025

A vulnerability has been found in code-projects Online Shoe Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /contactus1.php. The manipulation of the argument Message leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability classified as critical has been found in code-projects Laundry System 1.0

CVE-2025-5906 9.8 - Critical - June 10, 2025

A vulnerability classified as critical has been found in code-projects Laundry System 1.0. This affects an unknown part of the file /data/. The manipulation leads to missing authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Missing Authentication for Critical Function

A vulnerability has been found in code-projects Laundry System 1.0 and classified as problematic

CVE-2025-5796 5.4 - Medium - June 06, 2025

A vulnerability has been found in code-projects Laundry System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /data/edit_type.php. The manipulation of the argument Type leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

XSS

A vulnerability was found in code-projects Laundry System 1.0 and classified as problematic

CVE-2025-5797 5.4 - Medium - June 06, 2025

A vulnerability was found in code-projects Laundry System 1.0 and classified as problematic. This issue affects some unknown processing of the file /data/insert_type.php. The manipulation of the argument Type leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

XSS

A vulnerability has been found in code-projects Patient Record Management System 1.0 and classified as critical

CVE-2025-5779 7.5 - High - June 06, 2025

A vulnerability has been found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /birthing.php. The manipulation of the argument itr_no/comp_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical

CVE-2025-5780 7.5 - High - June 06, 2025

A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view_dental.php. The manipulation of the argument itr_no leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Laundry System 1.0 and classified as problematic

CVE-2025-5764 5.4 - Medium - June 06, 2025

A vulnerability was found in code-projects Laundry System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /data/insert_laundry.php. The manipulation of the argument Customer leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

XSS

A vulnerability was found in code-projects Laundry System 1.0

CVE-2025-5765 5.4 - Medium - June 06, 2025

A vulnerability was found in code-projects Laundry System 1.0. It has been classified as problematic. This affects an unknown part of the file /data/edit_laundry.php. The manipulation of the argument Customer leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

XSS

A vulnerability was found in code-projects Laundry System 1.0

CVE-2025-5766 4.3 - Medium - June 06, 2025

A vulnerability was found in code-projects Laundry System 1.0. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Session Riding

A vulnerability, which was classified as critical, was found in code-projects Patient Record Management System 1.0

CVE-2025-5762 7.5 - High - June 06, 2025

A vulnerability, which was classified as critical, was found in code-projects Patient Record Management System 1.0. Affected is an unknown function of the file view_hematology.php. The manipulation of the argument itr_no leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0

CVE-2025-5632 8.8 - High - June 05, 2025

A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/users.php. The manipulation of the argument change_to_admin leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0

CVE-2025-5633 8.8 - High - June 05, 2025

A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/users.php. The manipulation of the argument delete leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0

CVE-2025-5631 9.8 - Critical - June 05, 2025

A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been classified as critical. Affected is an unknown function of the file /publicposts.php. The manipulation of the argument post leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability classified as critical was found in code-projects Patient Record Management System 1.0

CVE-2025-5627 7.5 - High - June 05, 2025

A vulnerability classified as critical was found in code-projects Patient Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /sputum_form.php. The manipulation of the argument itr_no leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

code-projects Online Exam Mastering System 1.0 is vulnerable to Cross Site Scripting (XSS)

CVE-2025-46173 - May 27, 2025

code-projects Online Exam Mastering System 1.0 is vulnerable to Cross Site Scripting (XSS) via the name field in the feedback form.

A vulnerability was found in code-projects Police Station Management System 1.0

CVE-2025-4891 7.8 - High - May 18, 2025

A vulnerability was found in code-projects Police Station Management System 1.0. It has been classified as critical. Affected is the function criminal::display of the file source.cpp of the component Display Record. The manipulation of the argument N leads to buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.

Classic Buffer Overflow

A vulnerability, which was classified as critical, was found in code-projects Pharmacy Management System 1.0

CVE-2025-4888 7.8 - High - May 18, 2025

A vulnerability, which was classified as critical, was found in code-projects Pharmacy Management System 1.0. This affects the function medicineType::take_order of the component Add Order Details. The manipulation leads to buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

Classic Buffer Overflow

A vulnerability, which was classified as critical, has been found in code-projects Hotel Management System 1.0

CVE-2025-4500 7.8 - High - May 10, 2025

A vulnerability, which was classified as critical, has been found in code-projects Hotel Management System 1.0. Affected by this issue is the function Edit of the component Edit Room. The manipulation of the argument roomnumber leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

Memory Corruption

A vulnerability was found in code-projects Simple Banking System up to 1.0

CVE-2025-4497 7.8 - High - May 10, 2025

A vulnerability was found in code-projects Simple Banking System up to 1.0. It has been rated as critical. This issue affects some unknown processing of the component Sign In. The manipulation of the argument password2 leads to buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.

Classic Buffer Overflow

A vulnerability was found in code-projects Patient Record Management System 1.0

CVE-2025-4459 8.8 - High - May 09, 2025

A vulnerability was found in code-projects Patient Record Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file fecalysis_form.php. The manipulation of the argument itr_no leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Patient Record Management System 1.0

CVE-2025-4458 8.8 - High - May 09, 2025

A vulnerability was found in code-projects Patient Record Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /edit_upatient.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0

CVE-2025-4197 8.8 - High - May 02, 2025

A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0. Affected is an unknown function of the file /edit_xpatient.php. The manipulation of the argument lastname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

SQL Injection

A vulnerability, which was classified as critical, has been found in code-projects Product Management System 1.0

CVE-2025-4069 7.8 - High - April 29, 2025

A vulnerability, which was classified as critical, has been found in code-projects Product Management System 1.0. Affected by this issue is the function add_item. The manipulation of the argument st.productname leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

Buffer Overflow

A vulnerability classified as critical was found in code-projects Prison Management System 1.0

CVE-2025-4059 7.8 - High - April 29, 2025

A vulnerability classified as critical was found in code-projects Prison Management System 1.0. This vulnerability affects the function addrecord of the component Prison_Mgmt_Sys. The manipulation of the argument filename leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

Memory Corruption

A vulnerability was found in code-projects Patient Record Management System 1.0

CVE-2025-4021 7.5 - High - April 28, 2025

A vulnerability was found in code-projects Patient Record Management System 1.0. It has been classified as critical. This affects an unknown part of the file /edit_spatient.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in codeprojects News Publishing Site Dashboard 1.0

CVE-2025-3969 9.8 - Critical - April 27, 2025

A vulnerability was found in codeprojects News Publishing Site Dashboard 1.0. It has been rated as critical. This issue affects some unknown processing of the file /edit-category.php of the component Edit Category Page. The manipulation of the argument category_image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Unrestricted File Upload

A vulnerability was found in codeprojects News Publishing Site Dashboard 1.0

CVE-2025-3968 8.8 - High - April 27, 2025

A vulnerability was found in codeprojects News Publishing Site Dashboard 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /api.php. The manipulation of the argument cat_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability, which was classified as critical, was found in codeprojects Patient Record Management System 1.0

CVE-2025-3955 7.5 - High - April 27, 2025

A vulnerability, which was classified as critical, was found in codeprojects Patient Record Management System 1.0. This affects an unknown part of the file /edit_rpatient.php.php. The manipulation of the argument id/lastname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0 in /Scheduling/pages/profile_update.php

CVE-2025-44135 - April 24, 2025

A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0 in /Scheduling/pages/profile_update.php. Manipulating the parameter username will cause SQL injection attacks.

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD).