Filtered by vendor Fabian
Subscribe
Total
484 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-13201 | 1 Fabian | 1 Simple Cafe Ordering System | 2026-06-17 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was identified in code-projects Simple Cafe Ordering System 1.0. Affected by this issue is some unknown functionality of the file /login.php. Such manipulation of the argument Username leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used. | |||||
| CVE-2025-13199 | 1 Fabian | 1 Email Logging Interface | 2026-06-17 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in code-projects Email Logging Interface 2.0. Affected is an unknown function of the file signup.cpp. The manipulation of the argument Username results in path traversal: '../filedir'. The attack is only possible with local access. The exploit has been made public and could be used. | |||||
| CVE-2025-13170 | 1 Fabian | 1 Simple Online Hotel Reservation System | 2026-06-17 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was detected in code-projects Simple Online Hotel Reservation System 1.0. This issue affects some unknown processing of the file /admin/edit_account.php. Performing a manipulation of the argument admin_id results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. | |||||
| CVE-2025-13169 | 1 Fabian | 1 Simple Online Hotel Reservation System | 2026-06-17 | 7.5 HIGH | 7.3 HIGH |
| A security vulnerability has been detected in code-projects Simple Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /add_query_reserve.php. Such manipulation of the argument room_id leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-13119 | 1 Fabian | 1 Simple E-banking System | 2026-06-17 | 5.0 MEDIUM | 4.3 MEDIUM |
| A flaw has been found in Fabian Ros/SourceCodester Simple E-Banking System 1.0. This affects an unknown part. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been published and may be used. | |||||
| CVE-2025-13076 | 1 Fabian | 1 Responsive Hotel Site | 2026-06-17 | 5.8 MEDIUM | 4.7 MEDIUM |
| A flaw has been found in code-projects Responsive Hotel Site 1.0. The affected element is an unknown function of the file /admin/usersetting.php. Executing manipulation of the argument usname can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used. | |||||
| CVE-2025-13075 | 1 Fabian | 1 Responsive Hotel Site | 2026-06-17 | 5.8 MEDIUM | 4.7 MEDIUM |
| A vulnerability was detected in code-projects Responsive Hotel Site 1.0. Impacted is an unknown function of the file /admin/usersettingdel.php. Performing manipulation of the argument eid results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. | |||||
| CVE-2025-12928 | 1 Fabian | 1 Online Job Search Engine | 2026-06-17 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was detected in code-projects Online Job Search Engine 1.0. This affects an unknown function of the file /login.php. Performing manipulation of the argument username/phone results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. | |||||
| CVE-2025-12913 | 1 Fabian | 1 Responsive Hotel Site | 2026-06-17 | 5.8 MEDIUM | 4.7 MEDIUM |
| A flaw has been found in code-projects Responsive Hotel Site 1.0. This affects an unknown part of the file /admin/roomdel.php. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used. | |||||
| CVE-2025-12857 | 1 Fabian | 1 Responsive Hotel Site | 2026-06-17 | 5.8 MEDIUM | 4.7 MEDIUM |
| A security vulnerability has been detected in code-projects Responsive Hotel Site 1.0. The affected element is an unknown function of the file /admin/roombook.php. Such manipulation of the argument rid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-12856 | 1 Fabian | 1 Responsive Hotel Site | 2026-06-17 | 5.8 MEDIUM | 4.7 MEDIUM |
| A weakness has been identified in code-projects Responsive Hotel Site 1.0. Impacted is an unknown function of the file /admin/reservation.php. This manipulation of the argument email causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2025-12855 | 1 Fabian | 1 Responsive Hotel Site | 2026-06-17 | 5.8 MEDIUM | 4.7 MEDIUM |
| A security flaw has been discovered in code-projects Responsive Hotel Site 1.0. This issue affects some unknown processing of the file /admin/newsletterdel.php. The manipulation of the argument eid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited. | |||||
| CVE-2025-12594 | 1 Fabian | 1 Simple Online Hotel Reservation System | 2026-06-17 | 5.8 MEDIUM | 4.7 MEDIUM |
| A security flaw has been discovered in code-projects Simple Online Hotel Reservation System 2.0. This affects an unknown function of the file /admin/add_account.php. The manipulation of the argument Name results in sql injection. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. | |||||
| CVE-2025-12593 | 1 Fabian | 1 Simple Online Hotel Reservation System | 2026-06-17 | 5.8 MEDIUM | 4.7 MEDIUM |
| A vulnerability was identified in code-projects Simple Online Hotel Reservation System 2.0. The impacted element is an unknown function of the file /admin/edit_room.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. | |||||
| CVE-2025-12378 | 1 Fabian | 1 Simple Food Ordering System | 2026-06-17 | 7.5 HIGH | 7.3 HIGH |
| A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addproduct.php. Performing manipulation of the argument photo results in unrestricted upload. The attack may be initiated remotely. The exploit has been released to the public and may be exploited. | |||||
| CVE-2025-12335 | 1 Fabian | 1 E-commerce Website | 2026-06-17 | 5.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability was determined in code-projects E-Commerce Website 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/supplier_update.php. This manipulation of the argument supp_name/supp_address causes cross site scripting. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2025-12334 | 1 Fabian | 1 E-commerce Website | 2026-06-17 | 5.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/product_add.php. The manipulation of the argument prod_name/prod_desc/prod_cost results in cross site scripting. It is possible to launch the attack remotely. The exploit has been made public and could be used. | |||||
| CVE-2025-12333 | 1 Fabian | 1 E-commerce Website | 2026-06-17 | 5.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability has been found in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/supplier_add.php. The manipulation of the argument supp_name/supp_address leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-12309 | 1 Fabian | 1 Nero Social Networking Site | 2026-06-17 | 7.5 HIGH | 7.3 HIGH |
| A weakness has been identified in code-projects Nero Social Networking Site 1.0. This affects an unknown part of the file /friendprofile.php. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2025-12308 | 1 Fabian | 1 Nero Social Networking Site | 2026-06-17 | 7.5 HIGH | 7.3 HIGH |
| A security flaw has been discovered in code-projects Nero Social Networking Site 1.0. Affected by this issue is some unknown functionality of the file /deletemessage.php. Performing manipulation of the argument message_id results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited. | |||||