Codeastro

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-6478 1Codeastro 1Expense Management System Apr 29, 2026 Jun 22, 2025 1.3 LOW· v4 4.3 MEDIUM· v3 5.0 MEDIUM· v2 A vulnerability was found in CodeAstro Expense Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The atta...Show more A vulnerability was found in CodeAstro Expense Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely.Show less
CVE-2025-6452 1Codeastro 1Patient Record Management System Apr 29, 2026 Jun 22, 2025 1.9 LOW· v4 4.8 MEDIUM· v3 3.3 LOW· v2 A vulnerability was found in CodeAstro Patient Record Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the component Generate New Report Page. The manipulation of the...Show more A vulnerability was found in CodeAstro Patient Record Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the component Generate New Report Page. The manipulation of the argument Patient Name/Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-6131 1Codeastro 1Food Ordering System Apr 29, 2026 Jun 16, 2025 1.9 LOW· v4 4.8 MEDIUM· v3 3.3 LOW· v2 A vulnerability, which was classified as problematic, was found in CodeAstro Food Ordering System 1.0. Affected is an unknown function of the file /admin/store/edit/ of the component POST Request Parameter Handler. The m...Show more A vulnerability, which was classified as problematic, was found in CodeAstro Food Ordering System 1.0. Affected is an unknown function of the file /admin/store/edit/ of the component POST Request Parameter Handler. The manipulation of the argument Restaurant Name/Address leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-5611 1Codeastro 1Real Estate Management System Jun 10, 2025 Jun 4, 2025 5.3 MEDIUM· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A vulnerability, which was classified as critical, was found in CodeAstro Real Estate Management System 1.0. This affects an unknown part of the file /submitpropertyupdate.php. The manipulation of the argument ID leads t...Show more A vulnerability, which was classified as critical, was found in CodeAstro Real Estate Management System 1.0. This affects an unknown part of the file /submitpropertyupdate.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-5610 1Codeastro 1Real Estate Management System Jun 10, 2025 Jun 4, 2025 5.3 MEDIUM· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A vulnerability, which was classified as critical, has been found in CodeAstro Real Estate Management System 1.0. Affected by this issue is some unknown functionality of the file /submitpropertydelete.php. The manipulati...Show more A vulnerability, which was classified as critical, has been found in CodeAstro Real Estate Management System 1.0. Affected by this issue is some unknown functionality of the file /submitpropertydelete.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-5583 1Codeastro 1Real Estate Management System Jun 4, 2025 Jun 4, 2025 6.9 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability classified as critical has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /register.php. The manipulation leads to sql injection. It is possible to...Show more A vulnerability classified as critical has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /register.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-5582 1Codeastro 1Real Estate Management System Jun 4, 2025 Jun 4, 2025 5.3 MEDIUM· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument content leads...Show more A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument content leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-5581 1Codeastro 1Real Estate Management System Jun 4, 2025 Jun 4, 2025 6.9 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument User lead...Show more A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument User leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-5580 1Codeastro 1Real Estate Management System Jun 4, 2025 Jun 4, 2025 6.9 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been classified as critical. This affects an unknown part of the file /login.php. The manipulation of the argument email leads to sql injec...Show more A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been classified as critical. This affects an unknown part of the file /login.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-4811 1Codeastro 1Pharmacy Management System Jun 4, 2025 May 16, 2025 6.9 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was found in CodeAstro Pharmacy Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php of the component Login. The manipulation o...Show more A vulnerability was found in CodeAstro Pharmacy Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-25776 1Codeastro 1Bus Ticket Booking System Apr 30, 2025 Apr 28, 2025 N/A· v4 5.0 MEDIUM· v3 N/A· v2 Cross-Site Scripting (XSS) vulnerability exists in the User Registration and User Profile features of Codeastro Bus Ticket Booking System v1.0 allows an attacker to execute arbitrary code into the Full Name and Address f...Show more Cross-Site Scripting (XSS) vulnerability exists in the User Registration and User Profile features of Codeastro Bus Ticket Booking System v1.0 allows an attacker to execute arbitrary code into the Full Name and Address fields during user registration or profile editing.Show less
CVE-2025-3998 1Codeastro 1Membership Management System May 14, 2025 Apr 28, 2025 6.9 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability classified as critical was found in CodeAstro Membership Management System 1.0. This vulnerability affects unknown code of the file renew.php?id=6. The manipulation of the argument ID leads to sql injecti...Show more A vulnerability classified as critical was found in CodeAstro Membership Management System 1.0. This vulnerability affects unknown code of the file renew.php?id=6. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-25775 1Codeastro 1Bus Ticket Booking System May 28, 2025 Apr 25, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Codeastro Bus Ticket Booking System v1.0 is vulnerable to SQL injection via the kodetiket parameter in /BusTicket-CI/tiket/cekorder.
CVE-2025-25777 1Codeastro 1Bus Ticket Booking System May 28, 2025 Apr 24, 2025 N/A· v4 8.0 HIGH· v3 N/A· v2 Insecure Direct Object Reference (IDOR) in Codeastro Bus Ticket Booking System v1.0 allows unauthorized access to user profiles. By manipulating the user ID in the URL, an attacker can access another user's profile witho...Show more Insecure Direct Object Reference (IDOR) in Codeastro Bus Ticket Booking System v1.0 allows unauthorized access to user profiles. By manipulating the user ID in the URL, an attacker can access another user's profile without proper authentication or authorization checks.Show less
CVE-2025-29015 1Codeastro 1Internet Banking System Apr 21, 2025 Apr 17, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Code Astro Internet Banking System 2.0.0 is vulnerable to Cross Site Scripting (XSS) via the name parameter in /admin/pages_account.php.
CVE-2025-29017 1Codeastro 1Internet Banking System Apr 30, 2025 Apr 10, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 A Remote Code Execution (RCE) vulnerability exists in Code Astro Internet Banking System 2.0.0 due to improper file upload validation in the profile_pic parameter within pages_view_client.php.
CVE-2025-29018 1Codeastro 1Internet Banking System Apr 28, 2025 Apr 9, 2025 N/A· v4 4.8 MEDIUM· v3 N/A· v2 A Stored Cross-Site Scripting (XSS) vulnerability exists in the name parameter of pages_add_acc_type.php in Code Astro Internet Banking System 2.0.0.
CVE-2025-3205 1Codeastro 1Student Grading System May 7, 2025 Apr 4, 2025 5.3 MEDIUM· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A vulnerability, which was classified as critical, was found in CodeAstro Student Grading System 1.0. This affects an unknown part of the file studentsubject.php. The manipulation of the argument studentId leads to sql i...Show more A vulnerability, which was classified as critical, was found in CodeAstro Student Grading System 1.0. This affects an unknown part of the file studentsubject.php. The manipulation of the argument studentId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-3204 1Codeastro 1Car Rental System Apr 15, 2025 Apr 4, 2025 5.3 MEDIUM· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A vulnerability, which was classified as critical, has been found in CodeAstro Car Rental System 1.0. Affected by this issue is some unknown functionality of the file /returncar.php. The manipulation of the argument ID l...Show more A vulnerability, which was classified as critical, has been found in CodeAstro Car Rental System 1.0. Affected by this issue is some unknown functionality of the file /returncar.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-56889 1Codeastro 1Complaint Management System Apr 18, 2025 Feb 6, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Incorrect access control in the endpoint /admin/m_delete.php of CodeAstro Complaint Management System v1.0 allows unauthorized attackers to arbitrarily delete complaints via modification of the id parameter.

Previous 1 234 5 6 Next