Filtered by vendor Fabian
Subscriptions
Total
390 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-12983 | 1 Fabian | 1 Hospital Management System | 2025-10-23 | 2.4 Low |
| A vulnerability classified as problematic has been found in code-projects Hospital Management System 1.0. This affects an unknown part of the file /hospital/hms/admin/manage-doctors.php of the component Edit Doctor Details Page. The manipulation of the argument Doctor Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | ||||
| CVE-2024-10506 | 2 Code-projects, Fabian | 2 Blood Bank System, Blood Bank Management System | 2025-10-23 | 6.3 Medium |
| A vulnerability classified as critical has been found in code-projects Blood Bank System 1.0. This affects an unknown part of the file /admin/blood/update/B-.php. The manipulation of the argument Bloodname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-7111 | 1 Fabian | 1 Library Management System | 2025-10-23 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in code-projects Library Management System 2.0. Affected is an unknown function of the file index.php. The manipulation of the argument category leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249006 is the identifier assigned to this vulnerability. | ||||
| CVE-2025-11116 | 2 Code-projects, Fabian | 2 Simple Scheduling System, Simple Scheduling System | 2025-10-23 | 7.3 High |
| A vulnerability was found in code-projects Simple Scheduling System 1.0. This affects an unknown part of the file /add.home.php. The manipulation of the argument faculty results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. Other parameters might be affected as well. | ||||
| CVE-2025-29425 | 1 Fabian | 1 Online Class And Exam Scheduling System | 2025-10-23 | 5.5 Medium |
| Code-projects Online Class and Exam Scheduling System 1.0 is vulnerable to SQL Injection in exam_save.php via the parameters member and first. | ||||
| CVE-2024-9986 | 2 Code-projects, Fabian | 2 Blood Bank Management System, Blood Bank Management System | 2025-10-23 | 7.3 High |
| A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file member_register.php. The manipulation of the argument fullname/username/password/email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory only mentions the parameter "password" to be affected. But it must be assumed that other parameters are affected as well. | ||||
| CVE-2024-24098 | 1 Fabian | 1 Scholars Tracking System | 2025-10-23 | 7.8 High |
| Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection via the News Feed. | ||||
| CVE-2024-8368 | 2 Code-projects, Fabian | 2 Hospital Management System, Hospital Management System | 2025-10-23 | 7.3 High |
| A vulnerability was found in code-projects Hospital Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-0229 | 1 Fabian | 1 Travel Management System | 2025-10-23 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in code-projects Travel Management System 1.0. This issue affects some unknown processing of the file /enquiry.php. The manipulation of the argument pid/t1/t2/t3/t4/t5/t6/t7 leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-8167 | 2 Code-projects, Fabian | 2 Job Portal, Job Portal | 2025-10-23 | 7.3 High |
| A vulnerability was found in code-projects Job Portal 1.0. It has been classified as critical. Affected is an unknown function of the file /forget.php. The manipulation of the argument email/mobile leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-8569 | 1 Fabian | 1 Hospital Management System | 2025-10-23 | 7.3 High |
| A vulnerability has been found in code-projects Hospital Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file user-login.php. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-11108 | 2 Code-projects, Fabian | 2 Simple Scheduling System, Simple Scheduling System | 2025-10-23 | 7.3 High |
| A vulnerability was determined in code-projects Simple Scheduling System 1.0. Impacted is an unknown function of the file /schedulingsystem/addroom.php. Executing manipulation of the argument room can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2024-10415 | 2 Blood Bank Management System Project, Fabian | 2 Blood Bank Management System, Blood Bank Management System | 2025-10-23 | 6.3 Medium |
| A vulnerability has been found in code-projects Blood Bank Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /file/accept.php. The manipulation of the argument reqid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6866 | 1 Fabian | 1 Simple Forum | 2025-10-23 | 4.3 Medium |
| A vulnerability has been found in code-projects Simple Forum 1.0 and classified as critical. This vulnerability affects unknown code of the file /forum_downloadfile.php. The manipulation of the argument filename leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7210 | 1 Fabian | 1 Library Management System | 2025-10-23 | 6.3 Medium |
| A vulnerability was found in code-projects/Fabian Ros Library Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file admin/profile_update.php. The manipulation of the argument photo leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-11609 | 2 Code-projects, Fabian | 2 Hospital Management System, Hospital Management System | 2025-10-23 | 3.7 Low |
| A flaw has been found in code-projects Hospital Management System 1.0. Affected is the function session of the component express-session. This manipulation of the argument secret with the input secret causes use of hard-coded cryptographic key . The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is told to be difficult. The exploit has been published and may be used. | ||||
| CVE-2025-6293 | 1 Fabian | 1 Hostel Management System | 2025-10-23 | 7.3 High |
| A vulnerability was found in code-projects Hostel Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /contact_manager.php. The manipulation of the argument student_roll_no leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6848 | 1 Fabian | 1 Simple Forum | 2025-10-23 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in code-projects Simple Forum 1.0. This issue affects some unknown processing of the file /forum1.php. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-2061 | 1 Fabian | 1 Online Ticket Reservation System | 2025-10-23 | 4.3 Medium |
| A vulnerability was found in code-projects Online Ticket Reservation System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /passenger.php. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-11963 | 2 Codeprojects, Fabian | 2 Responsive Hotel Site, Responsive Hotel Site | 2025-10-23 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in code-projects Responsive Hotel Site 1.0. Affected by this issue is some unknown functionality of the file /admin/room.php. The manipulation of the argument troom leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||