Code Projects Inventory Management System

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Code Projects Inventory Management System.

By the Year

In 2025 there have been 20 vulnerabilities in Code Projects Inventory Management System with an average score of 9.8 out of ten.

Year	Vulnerabilities	Average Score
2025	20	9.80

It may take a day or so for new Inventory Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Code Projects Inventory Management System Security Vulnerabilities

CVE-2025-6901: Remote SQLi via userid on PHP removeUser.php (IMS v1.0)
CVE-2025-6901 9.8 - Critical - June 30, 2025

A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /php_action/removeUser.php. The manipulation of the argument userid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Critical SQLi in Inventory Management System 1.0 editUser.php
CVE-2025-6902 9.8 - Critical - June 30, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /php_action/editUser.php. The manipulation of the argument edituserName leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Code-Projects IMS 1.0 SQLi via createUser.php Username
CVE-2025-6891 9.8 - Critical - June 30, 2025

A vulnerability classified as critical has been found in code-projects Inventory Management System 1.0. Affected is an unknown function of the file /php_action/createUser.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Code-Projects IMS 1.0 - SQLi via orderId in php_action/editPayment.php (critical)
CVE-2025-6834 9.8 - Critical - June 29, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /php_action/editPayment.php. The manipulation of the argument orderId leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Inventory Management System 1.0 PHP: SQLi via /orders.php arg i (critical)
CVE-2025-6828 9.8 - Critical - June 28, 2025

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /orders.php. The manipulation of the argument i leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Critical SQLi in code-projects Inventory Management System 1.0 (remote)
CVE-2025-6827 9.8 - Critical - June 28, 2025

A vulnerability, which was classified as critical, was found in code-projects Inventory Management System 1.0. This affects an unknown part of the file /php_action/editOrder.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

SQLi in Inventory Management System 1.0 via editProductName in editProduct.php
CVE-2025-6823 9.8 - Critical - June 28, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /php_action/editProduct.php. The manipulation of the argument editProductName leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

CVE-2025-6822: Code-Projects Inventory Mgmt Sys 1.0 SQLi in removeProduct.php
CVE-2025-6822 9.8 - Critical - June 28, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /php_action/removeProduct.php. The manipulation of the argument productId leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

code-projects Inventory Management System 1.0 SQLi via createOrder.php
CVE-2025-6821 9.8 - Critical - June 28, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /php_action/createOrder.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

SQLi in code-projects IMS 1.0 createProduct.php (productName)
CVE-2025-6820 9.8 - Critical - June 28, 2025

A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /php_action/createProduct.php. The manipulation of the argument productName leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Critical SQLi via /php_action/removeBrand.php in Inventory Management System 1.0
CVE-2025-6819 9.8 - Critical - June 28, 2025

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /php_action/removeBrand.php. The manipulation of the argument brandId leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

SQLi in Inventory Management System 1.0 /php_action/fetchSelectedBrand.php
CVE-2025-6668 9.8 - Critical - June 25, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /php_action/fetchSelectedBrand.php. The manipulation of the argument brandId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

SQLi in /php_action/editBrand.php of Inventory Management System 1.0
CVE-2025-6665 9.8 - Critical - June 25, 2025

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /php_action/editBrand.php. The manipulation of the argument editBrandStatus leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Critical SQLi in code-projects IMS 1.0 createBrand.php via brandStatus
CVE-2025-6611 9.8 - Critical - June 25, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /php_action/createBrand.php. The manipulation of the argument brandStatus leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

SQL Injection in code-projects Inventory Management System 1.0 removeCategories.php
CVE-2025-6612 9.8 - Critical - June 25, 2025

A vulnerability was found in code-projects Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /php_action/removeCategories.php. The manipulation of the argument categoriesId leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Inventory Management Sys 1.0 – SQLi via user_id in changePassword.php
CVE-2025-6502 9.8 - Critical - June 23, 2025

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /php_action/changePassword.php. The manipulation of the argument user_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

SQLi in Inventory Management System 1.0 fetchSelectedCategories.php
CVE-2025-6503 9.8 - Critical - June 23, 2025

A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /php_action/fetchSelectedCategories.php. The manipulation of the argument categoriesId leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Code-Projects IMS 1.0 SQLi in editCategories.php via editCategoriesName
CVE-2025-6500 9.8 - Critical - June 23, 2025

A vulnerability, which was classified as critical, has been found in code-projects Inventory Management System 1.0. Affected by this issue is some unknown functionality of the file /php_action/editCategories.php. The manipulation of the argument editCategoriesName leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Critical SQLi in code-projects IMS 1.0 via categoriesStatus (createCategories.php)
CVE-2025-6501 9.8 - Critical - June 23, 2025

A vulnerability, which was classified as critical, was found in code-projects Inventory Management System 1.0. This affects an unknown part of the file /php_action/createCategories.php. The manipulation of the argument categoriesStatus leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

SQLi via user_id in Inventory Mgmnt Sys v1.0 /changeUsername.php
CVE-2025-6474 9.8 - Critical - June 22, 2025

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /changeUsername.php. The manipulation of the argument user_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Code Projects Inventory Management System or by Code Projects? Click the Watch button to subscribe.

Code Projects
Vendor

Code Projects Inventory Management System
Product

Code Projects Inventory Management System

Don't miss out!

By the Year

Recent Code Projects Inventory Management System Security Vulnerabilities

CVE-2025-6901: Remote SQLi via userid on PHP removeUser.php (IMS v1.0) CVE-2025-6901 9.8 - Critical - June 30, 2025

Critical SQLi in Inventory Management System 1.0 editUser.php CVE-2025-6902 9.8 - Critical - June 30, 2025

Code-Projects IMS 1.0 SQLi via createUser.php Username CVE-2025-6891 9.8 - Critical - June 30, 2025

Code-Projects IMS 1.0 - SQLi via orderId in php_action/editPayment.php (critical) CVE-2025-6834 9.8 - Critical - June 29, 2025

Inventory Management System 1.0 PHP: SQLi via /orders.php arg i (critical) CVE-2025-6828 9.8 - Critical - June 28, 2025

Critical SQLi in code-projects Inventory Management System 1.0 (remote) CVE-2025-6827 9.8 - Critical - June 28, 2025

SQLi in Inventory Management System 1.0 via editProductName in editProduct.php CVE-2025-6823 9.8 - Critical - June 28, 2025

CVE-2025-6822: Code-Projects Inventory Mgmt Sys 1.0 SQLi in removeProduct.php CVE-2025-6822 9.8 - Critical - June 28, 2025

code-projects Inventory Management System 1.0 SQLi via createOrder.php CVE-2025-6821 9.8 - Critical - June 28, 2025

SQLi in code-projects IMS 1.0 createProduct.php (productName) CVE-2025-6820 9.8 - Critical - June 28, 2025

Critical SQLi via /php_action/removeBrand.php in Inventory Management System 1.0 CVE-2025-6819 9.8 - Critical - June 28, 2025

SQLi in Inventory Management System 1.0 /php_action/fetchSelectedBrand.php CVE-2025-6668 9.8 - Critical - June 25, 2025

SQLi in /php_action/editBrand.php of Inventory Management System 1.0 CVE-2025-6665 9.8 - Critical - June 25, 2025

Critical SQLi in code-projects IMS 1.0 createBrand.php via brandStatus CVE-2025-6611 9.8 - Critical - June 25, 2025

SQL Injection in code-projects Inventory Management System 1.0 removeCategories.php CVE-2025-6612 9.8 - Critical - June 25, 2025

Inventory Management Sys 1.0 – SQLi via user_id in changePassword.php CVE-2025-6502 9.8 - Critical - June 23, 2025

SQLi in Inventory Management System 1.0 fetchSelectedCategories.php CVE-2025-6503 9.8 - Critical - June 23, 2025

Code-Projects IMS 1.0 SQLi in editCategories.php via editCategoriesName CVE-2025-6500 9.8 - Critical - June 23, 2025

Critical SQLi in code-projects IMS 1.0 via categoriesStatus (createCategories.php) CVE-2025-6501 9.8 - Critical - June 23, 2025

SQLi via user_id in Inventory Mgmnt Sys v1.0 /changeUsername.php CVE-2025-6474 9.8 - Critical - June 22, 2025

Stay on top of Security Vulnerabilities

Code Projects Vendor

Code Projects Inventory Management SystemProduct

CVE-2025-6901: Remote SQLi via userid on PHP removeUser.php (IMS v1.0)
CVE-2025-6901 9.8 - Critical - June 30, 2025

Critical SQLi in Inventory Management System 1.0 editUser.php
CVE-2025-6902 9.8 - Critical - June 30, 2025

Code-Projects IMS 1.0 SQLi via createUser.php Username
CVE-2025-6891 9.8 - Critical - June 30, 2025

Code-Projects IMS 1.0 - SQLi via orderId in php_action/editPayment.php (critical)
CVE-2025-6834 9.8 - Critical - June 29, 2025

Inventory Management System 1.0 PHP: SQLi via /orders.php arg i (critical)
CVE-2025-6828 9.8 - Critical - June 28, 2025

Critical SQLi in code-projects Inventory Management System 1.0 (remote)
CVE-2025-6827 9.8 - Critical - June 28, 2025

SQLi in Inventory Management System 1.0 via editProductName in editProduct.php
CVE-2025-6823 9.8 - Critical - June 28, 2025

CVE-2025-6822: Code-Projects Inventory Mgmt Sys 1.0 SQLi in removeProduct.php
CVE-2025-6822 9.8 - Critical - June 28, 2025

code-projects Inventory Management System 1.0 SQLi via createOrder.php
CVE-2025-6821 9.8 - Critical - June 28, 2025

SQLi in code-projects IMS 1.0 createProduct.php (productName)
CVE-2025-6820 9.8 - Critical - June 28, 2025

Critical SQLi via /php_action/removeBrand.php in Inventory Management System 1.0
CVE-2025-6819 9.8 - Critical - June 28, 2025

SQLi in Inventory Management System 1.0 /php_action/fetchSelectedBrand.php
CVE-2025-6668 9.8 - Critical - June 25, 2025

SQLi in /php_action/editBrand.php of Inventory Management System 1.0
CVE-2025-6665 9.8 - Critical - June 25, 2025

Critical SQLi in code-projects IMS 1.0 createBrand.php via brandStatus
CVE-2025-6611 9.8 - Critical - June 25, 2025

SQL Injection in code-projects Inventory Management System 1.0 removeCategories.php
CVE-2025-6612 9.8 - Critical - June 25, 2025

Inventory Management Sys 1.0 – SQLi via user_id in changePassword.php
CVE-2025-6502 9.8 - Critical - June 23, 2025

SQLi in Inventory Management System 1.0 fetchSelectedCategories.php
CVE-2025-6503 9.8 - Critical - June 23, 2025

Code-Projects IMS 1.0 SQLi in editCategories.php via editCategoriesName
CVE-2025-6500 9.8 - Critical - June 23, 2025

Critical SQLi in code-projects IMS 1.0 via categoriesStatus (createCategories.php)
CVE-2025-6501 9.8 - Critical - June 23, 2025

SQLi via user_id in Inventory Mgmnt Sys v1.0 /changeUsername.php
CVE-2025-6474 9.8 - Critical - June 22, 2025

Code Projects
Vendor

Code Projects Inventory Management System
Product