Code-Projects: Security Vulnerabilities
A vulnerability classified as critical was found in code-projects Product Management System 1.0. This vulnerability affects the function search_item of the component Search Product Menu. The manipulation of the argument target leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
CVSS Score
4.8
EPSS Score
0.003
Published
2025-04-03
A vulnerability was found in codeprojects Product Management System 1.0 and classified as problematic. This issue affects some unknown processing of the component Login. The manipulation of the argument Str1 leads to buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
CVSS Score
4.8
EPSS Score
0.002
Published
2025-04-03
A vulnerability, which was classified as critical, was found in code-projects College Management System 1.0. This affects an unknown part of the file /Admin/student.php. The manipulation of the argument profile_image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
5.3
EPSS Score
0.004
Published
2025-03-31
A vulnerability was found in code-projects Human Resource Management System 1.0.1. It has been classified as problematic. Affected is the function UpdateRecruitmentById of the file \handler\recruitment.go. The manipulation of the argument c leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
4.8
EPSS Score
0.003
Published
2025-03-21
A vulnerability was found in code-projects Human Resource Management System 1.0.1 and classified as critical. This issue affects the function Index of the file \handler\Account.go. The manipulation of the argument user_cookie leads to improper authorization. The exploit has been disclosed to the public and may be used.
CVSS Score
5.1
EPSS Score
0.004
Published
2025-03-21
Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in /pages/class.php via the id and cys parameters.
CVSS Score
4.6
EPSS Score
0.002
Published
2025-03-17
A vulnerability, which was classified as critical, was found in code-projects Online Class and Exam Scheduling System 1.0. Affected is an unknown function of the file /pages/salut_del.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
5.1
EPSS Score
0.004
Published
2025-03-17
A vulnerability classified as critical has been found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the file /user_dashboard/add_donor.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
5.3
EPSS Score
0.004
Published
2025-03-17
A vulnerability has been found in code-projects Modern Bag 1.0 and classified as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument userEmail/userPassword leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
6.9
EPSS Score
0.005
Published
2025-03-17
Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in /pages/department.php via the id, code, and name parameters.
CVSS Score
3.2
EPSS Score
0.002
Published
2025-03-17