Filtered by vendor Fabian
Subscribe
Total
342 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-12790 | 1 Fabian | 1 Hostel Management System | 2025-10-23 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability was found in code-projects Hostel Management Site 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file room-details.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-6449 | 1 Fabian | 1 Simple Online Hotel Reservation System | 2025-10-23 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/checkout_query.php. The manipulation of the argument transaction_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-11105 | 1 Fabian | 1 Simple Scheduling System | 2025-10-23 | 7.5 HIGH | 7.3 HIGH |
| A flaw has been found in code-projects Simple Scheduling System 1.0. This affects an unknown part of the file /schedulingsystem/addsubject.php. This manipulation of the argument subcode causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used. | |||||
| CVE-2025-9733 | 1 Fabian | 1 Human Resource Integrated System | 2025-10-23 | 7.5 HIGH | 7.3 HIGH |
| A security flaw has been discovered in code-projects Human Resource Integrated System 1.0. This impacts an unknown function of the file /login_timeee.php. Performing manipulation of the argument emp_id results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be exploited. | |||||
| CVE-2024-11963 | 1 Fabian | 1 Responsive Hotel Site | 2025-10-23 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability, which was classified as critical, has been found in code-projects Responsive Hotel Site 1.0. Affected by this issue is some unknown functionality of the file /admin/room.php. The manipulation of the argument troom leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4037 | 1 Fabian | 1 Atm Banking | 2025-10-23 | 3.2 LOW | 4.4 MEDIUM |
| A vulnerability was found in code-projects ATM Banking 1.0. It has been classified as critical. Affected is the function moneyDeposit/moneyWithdraw. The manipulation leads to business logic errors. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-0531 | 1 Fabian | 1 Chat System | 2025-10-23 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in code-projects Chat System 1.0 and classified as critical. This issue affects some unknown processing of the file /user/leaveroom.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7609 | 1 Fabian | 1 Simple Shopping Cart | 2025-10-23 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in code-projects Simple Shopping Cart 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /register.php. The manipulation of the argument ruser_email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-1576 | 1 Fabian | 1 Real Estate Property Management System | 2025-10-23 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical was found in code-projects Real Estate Property Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax_state.php. The manipulation of the argument StateName as part of String leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7190 | 1 Fabian | 1 Library Management System | 2025-10-23 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability, which was classified as critical, was found in code-projects Library Management System 2.0. This affects an unknown part of the file /admin/student_edit_photo.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-29427 | 1 Fabian | 1 Online Class And Exam Scheduling System | 2025-10-23 | N/A | 5.9 MEDIUM |
| Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in profile.php via the member_first and member_last parameters. | |||||
| CVE-2025-6161 | 1 Fabian | 1 Simple Food Ordering System | 2025-10-23 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability, which was classified as critical, was found in SourceCodester Simple Food Ordering System 1.0. Affected is an unknown function of the file /editproduct.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-6352 | 1 Fabian | 1 Automated Voting System | 2025-10-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability classified as problematic has been found in code-projects Automated Voting System 1.0. Affected is an unknown function of the file /vote.php of the component Backend. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-7126 | 1 Fabian | 1 Automated Voting System | 2025-10-23 | 5.8 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical has been found in code-projects Automated Voting System 1.0. This affects an unknown part of the file /admin/ of the component Admin Login. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-249129 was assigned to this vulnerability. | |||||
| CVE-2023-7127 | 1 Fabian | 1 Automated Voting System | 2025-10-23 | 5.8 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical was found in code-projects Automated Voting System 1.0. This vulnerability affects unknown code of the component Login. The manipulation of the argument idno leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-249130 is the identifier assigned to this vulnerability. | |||||
| CVE-2025-11667 | 1 Fabian | 1 Automated Voting System | 2025-10-17 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in code-projects Automated Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add_candidate_modal.php.. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. | |||||
| CVE-2025-60308 | 1 Fabian | 1 Simple Online Hotel Reservation System | 2025-10-16 | N/A | 4.1 MEDIUM |
| code-projects Simple Online Hotel Reservation System 1.0 has a Cross Site Scripting (XSS) vulnerability in the Add Room function of the online hotel reservation system. Malicious JavaScript code is entered in the Description field, which can leak the administrator's cookie information when browsing this room information | |||||
| CVE-2025-60304 | 1 Fabian | 1 Simple Scheduling System | 2025-10-16 | N/A | 6.1 MEDIUM |
| code-projects Simple Scheduling System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Subject Description field. | |||||
| CVE-2025-11668 | 1 Fabian | 1 Automated Voting System | 2025-10-16 | 5.8 MEDIUM | 4.7 MEDIUM |
| A vulnerability was determined in code-projects Automated Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/update_user.php. This manipulation of the argument Password causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2025-11516 | 1 Fabian | 1 Online Complaint Site | 2025-10-14 | 6.5 MEDIUM | 6.3 MEDIUM |
| A weakness has been identified in code-projects Online Complaint Site 1.0. Impacted is an unknown function of the file /cms/users/complaint-details.php. Executing manipulation of the argument cid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited. | |||||