Filtered by vendor Fabian
Subscribe
Total
342 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-7187 | 1 Fabian | 1 Chat System | 2025-10-23 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical has been found in code-projects Chat System 1.0. Affected is an unknown function of the file /user/fetch_member.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-29429 | 1 Fabian | 1 Online Class And Exam Scheduling System | 2025-10-23 | N/A | 6.1 MEDIUM |
| Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in /pages/program.php via the id, code, and name parameters. | |||||
| CVE-2025-11036 | 1 Fabian | 1 E-commerce Website | 2025-10-23 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was identified in code-projects E-Commerce Website 1.0. This affects an unknown function of the file /pages/admin_account_update.php. Such manipulation of the argument user_id leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used. | |||||
| CVE-2025-6847 | 1 Fabian | 1 Simple Forum | 2025-10-23 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical was found in code-projects Simple Forum 1.0. This vulnerability affects unknown code of the file /forum_edit.php. The manipulation of the argument iii leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-29430 | 1 Fabian | 1 Online Class And Exam Scheduling System | 2025-10-23 | N/A | 4.1 MEDIUM |
| Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in /pages/room.php via the id and rome parameters. | |||||
| CVE-2025-7608 | 1 Fabian | 1 Simple Shopping Cart | 2025-10-23 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability, which was classified as critical, was found in code-projects Simple Shopping Cart 1.0. Affected is an unknown function of the file /userlogin.php. The manipulation of the argument user_email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-1576 | 1 Fabian | 1 Real Estate Property Management System | 2025-10-23 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical was found in code-projects Real Estate Property Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax_state.php. The manipulation of the argument StateName as part of String leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-56293 | 1 Fabian | 1 Human Resource Integrated System | 2025-10-23 | N/A | 5.4 MEDIUM |
| code-projects Human Resource Integrated System 1.0 is vulnerable to Cross Site Scripting (XSS) in the Add Child Information section in the Childs Name field. | |||||
| CVE-2024-10506 | 1 Fabian | 1 Blood Bank Management System | 2025-10-23 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical has been found in code-projects Blood Bank System 1.0. This affects an unknown part of the file /admin/blood/update/B-.php. The manipulation of the argument Bloodname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-9666 | 1 Fabian | 1 Simple Grading System | 2025-10-23 | 6.5 MEDIUM | 6.3 MEDIUM |
| A security vulnerability has been detected in code-projects Simple Grading System 1.0. Affected by this issue is some unknown functionality of the file /delete_student.php of the component Admin Panel. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2024-8168 | 1 Fabian | 1 Online Bus Reservation Site | 2025-10-23 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in code-projects Online Bus Reservation Site 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-12969 | 1 Fabian | 1 Hospital Management System | 2025-10-23 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability, which was classified as critical, has been found in code-projects Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-6352 | 1 Fabian | 1 Automated Voting System | 2025-10-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability classified as problematic has been found in code-projects Automated Voting System 1.0. Affected is an unknown function of the file /vote.php of the component Backend. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-7127 | 1 Fabian | 1 Automated Voting System | 2025-10-23 | 5.8 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical was found in code-projects Automated Voting System 1.0. This vulnerability affects unknown code of the component Login. The manipulation of the argument idno leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-249130 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-7126 | 1 Fabian | 1 Automated Voting System | 2025-10-23 | 5.8 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical has been found in code-projects Automated Voting System 1.0. This affects an unknown part of the file /admin/ of the component Admin Login. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-249129 was assigned to this vulnerability. | |||||
| CVE-2025-11667 | 1 Fabian | 1 Automated Voting System | 2025-10-17 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in code-projects Automated Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add_candidate_modal.php.. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. | |||||
| CVE-2025-60308 | 1 Fabian | 1 Simple Online Hotel Reservation System | 2025-10-16 | N/A | 4.1 MEDIUM |
| code-projects Simple Online Hotel Reservation System 1.0 has a Cross Site Scripting (XSS) vulnerability in the Add Room function of the online hotel reservation system. Malicious JavaScript code is entered in the Description field, which can leak the administrator's cookie information when browsing this room information | |||||
| CVE-2025-60304 | 1 Fabian | 1 Simple Scheduling System | 2025-10-16 | N/A | 6.1 MEDIUM |
| code-projects Simple Scheduling System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Subject Description field. | |||||
| CVE-2025-11668 | 1 Fabian | 1 Automated Voting System | 2025-10-16 | 5.8 MEDIUM | 4.7 MEDIUM |
| A vulnerability was determined in code-projects Automated Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/update_user.php. This manipulation of the argument Password causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2025-11516 | 1 Fabian | 1 Online Complaint Site | 2025-10-14 | 6.5 MEDIUM | 6.3 MEDIUM |
| A weakness has been identified in code-projects Online Complaint Site 1.0. Impacted is an unknown function of the file /cms/users/complaint-details.php. Executing manipulation of the argument cid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited. | |||||