5.3
CVE-2025-11605 - code-projects Client Details System update-profile.php sql injection
A vulnerability was identified in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/update-profile.php. Such manipulation of the argument uid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used.
6.9
CVE-2025-11604 - projectworlds Online Ordering Food System all-orders.php sql injection
A vulnerability was determined in projectworlds Online Ordering Food System 1.0. This issue affects some unknown processing of the file /all-orders.php. This manipulation of the argument Status causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly discloβ¦
5.3
CVE-2025-11603 - code-projects Simple Food Ordering System editproduct.php sql injection
A vulnerability was found in code-projects Simple Food Ordering System 1.0. This vulnerability affects unknown code of the file /editproduct.php. The manipulation of the argument Category results in sql injection. The attack may be launched remotely. The exploit has been made public and could be usβ¦
6.9
CVE-2025-11601 - SourceCodester Online Student Result System login.php sql injection
A vulnerability was detected in SourceCodester Online Student Result System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. Performing manipulation of the argument Username results in sql injection. The attack can be initiated remotely. The exploit is now pubβ¦
5.3
CVE-2025-11600 - code-projects Simple Food Ordering System editcategory.php sql injection
A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Affected is an unknown function of the file editcategory.php. Such manipulation of the argument cname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed pubβ¦
6.9
CVE-2025-11599 - Campcodes Online Apartment Visitor Management System forgot-password.php sql injection
A weakness has been identified in Campcodes Online Apartment Visitor Management System 1.0. This impacts an unknown function of the file /forgot-password.php. This manipulation of the argument email causes sql injection. It is possible to initiate the attack remotely. The exploit has been made avaiβ¦
5.3
CVE-2025-11597 - code-projects E-Commerce Website product_add_qty.php sql injection
A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/product_add_qty.php. The manipulation of the argument prod_id leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly avaβ¦
6.9
CVE-2025-11596 - code-projects E-Commerce Website delete_order_details.php sql injection
A vulnerability was determined in code-projects E-Commerce Website 1.0. The affected element is an unknown function of the file /pages/delete_order_details.php. Executing manipulation of the argument order_id can lead to sql injection. The attack can be executed remotely. The exploit has been publiβ¦
5.1
CVE-2025-11595 - Campcodes Online Apartment Visitor Management System admin-profile.php sql injection
A vulnerability was found in Campcodes Online Apartment Visitor Management System 1.0. Impacted is an unknown function of the file /admin-profile.php. Performing a manipulation of the argument mobilenumber results in sql injection. Remote exploitation of the attack is possible. The exploit has beenβ¦
4.3
CVE-2025-10376 - Course Redirects for Learndash Plugin <= 0.4 - Cross-Site Request Forgery
The Course Redirects for Learndash plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.4. This is due to missing nonce validation when processing form submissions on the settings page. This makes it possible for unauthenticated attackers to modifβ¦