Carmelo

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-60307 1Carmelo 1Computer Laboratory System Oct 21, 2025 Oct 10, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 code-projects Computer Laboratory System 1.0 has a SQL injection vulnerability, where entering a universal password in the Password field on the login page can bypass login attempts.
CVE-2025-11556 1Carmelo 1Simple Leave Manager Apr 29, 2026 Oct 9, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A flaw has been found in code-projects Simple Leave Manager 1.0. This vulnerability affects unknown code of the file /user.php. This manipulation of the argument table causes sql injection. Remote exploitation of the att...Show more A flaw has been found in code-projects Simple Leave Manager 1.0. This vulnerability affects unknown code of the file /user.php. This manipulation of the argument table causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used.Show less
CVE-2025-11551 1Carmelo 1Student Result Manager Apr 29, 2026 Oct 9, 2025 2.1 LOW· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A vulnerability was determined in code-projects Student Result Manager 1.0. This affects an unknown function of the file src/students/Database.java. This manipulation of the argument roll/name/gpa causes sql injection. I...Show more A vulnerability was determined in code-projects Student Result Manager 1.0. This affects an unknown function of the file src/students/Database.java. This manipulation of the argument roll/name/gpa causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.Show less
CVE-2025-56295 1Carmelo 1Computer Laboratory System Sep 18, 2025 Sep 16, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 code-projects Computer Laboratory System 1.0 has a file upload vulnerability. Staff can upload malicious files by uploading PHP backdoor files when modifying personal avatar information and use web shell connection tools...Show more code-projects Computer Laboratory System 1.0 has a file upload vulnerability. Staff can upload malicious files by uploading PHP backdoor files when modifying personal avatar information and use web shell connection tools to obtain server permissions.Show less
CVE-2025-56280 1Carmelo 1Food Ordering Review System Sep 18, 2025 Sep 16, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 code-projects Food Ordering Review System 1.0 is vulnerable to Cross Site Scripting (XSS) in the area where users submit reservation information.
CVE-2025-56276 1Carmelo 1Food Ordering Review System Sep 18, 2025 Sep 16, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 code-projects Food Ordering Review System 1.0 is vulnerable to Cross Site Scripting (XSS) in the registration function. An attacker enters malicious JavaScript code as a username, which triggers the XSS vulnerability whe...Show more code-projects Food Ordering Review System 1.0 is vulnerable to Cross Site Scripting (XSS) in the registration function. An attacker enters malicious JavaScript code as a username, which triggers the XSS vulnerability when the admin views user information, resulting in the disclosure of the admin's cookie information.Show less
CVE-2025-10104 1Carmelo 1Online Event Judging System Apr 29, 2026 Sep 8, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A security vulnerability has been detected in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /review_search.php. The manipulation of the argument txtsearch leads to sql injecti...Show more A security vulnerability has been detected in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /review_search.php. The manipulation of the argument txtsearch leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.Show less
CVE-2025-10103 1Carmelo 1Online Event Judging System Apr 29, 2026 Sep 8, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A weakness has been identified in code-projects Online Event Judging System 1.0. This impacts an unknown function of the file /home.php. Executing manipulation of the argument main_event can lead to sql injection. The at...Show more A weakness has been identified in code-projects Online Event Judging System 1.0. This impacts an unknown function of the file /home.php. Executing manipulation of the argument main_event can lead to sql injection. The attack may be performed from remote. The exploit has been made available to the public and could be exploited.Show less
CVE-2025-10102 1Carmelo 1Online Event Judging System Apr 29, 2026 Sep 8, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown function of the file /index.php. Performing manipulation of the argument Username results in sql injection. Th...Show more A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown function of the file /index.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited.Show less
CVE-2025-9845 1Carmelo 1Fruit Shop Management System Apr 29, 2026 Sep 3, 2025 2.0 LOW· v4 5.4 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability has been found in code-projects Fruit Shop Management System 1.0. Affected by this vulnerability is an unknown functionality of the file products.php. Such manipulation of the argument product_code/gen_na...Show more A vulnerability has been found in code-projects Fruit Shop Management System 1.0. Affected by this vulnerability is an unknown functionality of the file products.php. Such manipulation of the argument product_code/gen_name/product_name/supplier leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-9610 1Carmelo 1Online Event Judging System Apr 29, 2026 Aug 29, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was determined in code-projects Online Event Judging System 1.0. This issue affects some unknown processing of the file /create_account.php. This manipulation of the argument fname causes sql injection. T...Show more A vulnerability was determined in code-projects Online Event Judging System 1.0. This issue affects some unknown processing of the file /create_account.php. This manipulation of the argument fname causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. Other parameters might be affected as well.Show less
CVE-2025-8495 1Carmelo 1Intern Membership Management System Apr 29, 2026 Aug 3, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability, which was classified as critical, was found in code-projects Intern Membership Management System 1.0. Affected is an unknown function of the file /admin/edit_admin_query.php. The manipulation of the argu...Show more A vulnerability, which was classified as critical, was found in code-projects Intern Membership Management System 1.0. Affected is an unknown function of the file /admin/edit_admin_query.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-8494 1Carmelo 1Intern Membership Management System Apr 29, 2026 Aug 3, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability, which was classified as critical, has been found in code-projects Intern Membership Management System 1.0. This issue affects some unknown processing of the file /admin/delete_student.php. The manipulati...Show more A vulnerability, which was classified as critical, has been found in code-projects Intern Membership Management System 1.0. This issue affects some unknown processing of the file /admin/delete_student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-8493 1Carmelo 1Intern Membership Management System Apr 29, 2026 Aug 2, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability classified as critical was found in code-projects Intern Membership Management System 1.0. This vulnerability affects unknown code of the file /admin/edit_student_query.php. The manipulation of the argume...Show more A vulnerability classified as critical was found in code-projects Intern Membership Management System 1.0. This vulnerability affects unknown code of the file /admin/edit_student_query.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-8340 1Carmelo 1Intern Membership Management System Apr 29, 2026 Jul 31, 2025 2.1 LOW· v4 6.1 MEDIUM· v3 5.0 MEDIUM· v2 A vulnerability was found in code-projects Intern Membership Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file fill_details.php of the component Error Message...Show more A vulnerability was found in code-projects Intern Membership Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file fill_details.php of the component Error Message Handler. The manipulation of the argument email leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-8339 1Carmelo 1Intern Membership Management System Apr 29, 2026 Jul 31, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was found in code-projects Intern Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /student_login.php. The manipulation of the argument user_n...Show more A vulnerability was found in code-projects Intern Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /student_login.php. The manipulation of the argument user_name/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-8167 1Carmelo 1Church Donation System Apr 29, 2026 Jul 25, 2025 2.0 LOW· v4 5.4 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/edit_members.php. The manipulation...Show more A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/edit_members.php. The manipulation of the argument fname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.Show less
CVE-2025-8166 1Carmelo 1Church Donation System Apr 29, 2026 Jul 25, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was found in code-projects Church Donation System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/index.php of the component HTTP POST Request Handler. The mani...Show more A vulnerability was found in code-projects Church Donation System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/index.php of the component HTTP POST Request Handler. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-8165 1Carmelo 1Food Ordering Review System Apr 29, 2026 Jul 25, 2025 2.1 LOW· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A vulnerability was found in code-projects Food Review System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/approve_reservation.php. The manipulation of the argument occasi...Show more A vulnerability was found in code-projects Food Review System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/approve_reservation.php. The manipulation of the argument occasion leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-8018 1Carmelo 1Food Ordering Review System Apr 29, 2026 Jul 22, 2025 2.1 LOW· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A vulnerability was found in code-projects Food Ordering Review System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /user/reservation_page.php. The manipul...Show more A vulnerability was found in code-projects Food Ordering Review System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /user/reservation_page.php. The manipulation of the argument reg_Id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.Show less

Previous 1 2 345 6 7 Next