Sherlock

sherlock

10 CVEs • 4 products

Products (4)

Click to collapse

Toggle

Employee Management System

employee_management_system

Accounting System

accounting_system

Gym Management System

gym_management_system

Online Fir System

online_fir_system

CVEs (10)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-5035 1Sherlock 1Accounting System Apr 29, 2026 Mar 29, 2026 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability has been found in code-projects Accounting System 1.0. This affects an unknown part of the file /view_work.php of the component Parameter Handler. Such manipulation of the argument en_id leads to sql inje...Show more A vulnerability has been found in code-projects Accounting System 1.0. This affects an unknown part of the file /view_work.php of the component Parameter Handler. Such manipulation of the argument en_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2026-5034 1Sherlock 1Accounting System Apr 29, 2026 Mar 29, 2026 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A flaw has been found in code-projects Accounting System 1.0. Affected by this issue is some unknown functionality of the file /edit_costumer.php of the component Parameter Handler. This manipulation of the argument cos_...Show more A flaw has been found in code-projects Accounting System 1.0. Affected by this issue is some unknown functionality of the file /edit_costumer.php of the component Parameter Handler. This manipulation of the argument cos_id causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.Show less
CVE-2026-5033 1Sherlock 1Accounting System Apr 29, 2026 Mar 29, 2026 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was detected in code-projects Accounting System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_costumer.php of the component Parameter Handler. The manipulation of the a...Show more A vulnerability was detected in code-projects Accounting System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_costumer.php of the component Parameter Handler. The manipulation of the argument cos_id results in sql injection. The attack may be performed from remote. The exploit is now public and may be used.Show less
CVE-2024-25216 1Sherlock 1Employee Management System Mar 13, 2025 Feb 14, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the mailud parameter at /aprocess.php.
CVE-2024-25215 1Sherlock 1Employee Management System May 8, 2025 Feb 14, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the pwd parameter at /aprocess.php.
CVE-2024-25214 1Sherlock 1Employee Management System Nov 21, 2024 Feb 14, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue in Employee Managment System v1.0 allows attackers to bypass authentication via injecting a crafted payload into the E-mail and Password parameters at /alogin.html.
CVE-2024-25213 1Sherlock 1Employee Management System May 12, 2025 Feb 14, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /edit.php.
CVE-2024-25212 1Sherlock 1Employee Management System Nov 21, 2024 Feb 14, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /delete.php.
CVE-2024-0503 1Sherlock 1Online Fir System Nov 21, 2024 Jan 13, 2024 N/A· v4 6.1 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability was found in code-projects Online FIR System 1.0. It has been classified as problematic. This affects an unknown part of the file registercomplaint.php. The manipulation of the argument Name/Address leads...Show more A vulnerability was found in code-projects Online FIR System 1.0. It has been classified as problematic. This affects an unknown part of the file registercomplaint.php. The manipulation of the argument Name/Address leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250611.Show less
CVE-2023-37068 1Sherlock 1Gym Management System Nov 21, 2024 Aug 9, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Code-Projects Gym Management System V1.0 allows remote attackers to execute arbitrary SQL commands via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insu...Show more Code-Projects Gym Management System V1.0 allows remote attackers to execute arbitrary SQL commands via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username and password fields, enabling SQL Injection attacks.Show less