汇总 Code Projects 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
历史漏洞主要涉及 跨站脚本与缓冲区溢出 等问题,部分漏洞可能导致 会话劫持,并影响 生产负载与软件部署 相关场景。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2025-7413 | A vulnerability classified as critical has been found in code-projects Library System 1.0. This affects an unknown part of the file /user/teacher/profile.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 2.1 | 0.28% | 2025-07-10 | 2026-06-17 |
| CVE-2025-7412 | A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /user/student/profile.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 2.1 | 0.28% | 2025-07-10 | 2026-06-17 |
| CVE-2025-7199 | A vulnerability, which was classified as critical, has been found in code-projects Library System 1.0. This issue affects some unknown processing of the file /notapprove.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.5 | 0.40% | 2025-07-08 | 2026-06-17 |
| CVE-2025-7191 | A vulnerability has been found in code-projects Student Enrollment System 1.0 and classified as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.5 | 0.40% | 2025-07-08 | 2026-06-17 |
| CVE-2025-7185 | A vulnerability was found in code-projects Library System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /approve.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.5 | 0.40% | 2025-07-08 | 2026-06-17 |
| CVE-2025-7184 | A vulnerability was found in code-projects Library System 1.0. It has been classified as critical. This affects an unknown part of the file /user/teacher/books.php. The manipulation of the argument Search leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.5 | 0.40% | 2025-07-08 | 2026-06-17 |
| CVE-2025-7179 | A vulnerability classified as critical was found in code-projects Library System 1.0. This vulnerability affects unknown code of the file /add-teacher.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.5 | 0.48% | 2025-07-08 | 2026-06-17 |
| CVE-2025-7174 | A vulnerability was found in code-projects Library System 1.0 and classified as critical. This issue affects some unknown processing of the file /teacher-issue-book.php. The manipulation of the argument idn leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.5 | 0.45% | 2025-07-08 | 2026-06-17 |
| CVE-2025-7173 | A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-student.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.5 | 0.60% | 2025-07-08 | 2026-06-17 |
| CVE-2025-7172 | A vulnerability, which was classified as critical, was found in code-projects Crime Reporting System 1.0. This affects an unknown part of the file /headlogin.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.5 | 0.53% | 2025-07-08 | 2026-06-17 |
| CVE-2025-7171 | A vulnerability, which was classified as critical, has been found in code-projects Crime Reporting System 1.0. Affected by this issue is some unknown functionality of the file /policelogin.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.5 | 0.40% | 2025-07-08 | 2026-06-17 |
| CVE-2025-7170 | A vulnerability classified as critical was found in code-projects Crime Reporting System 1.0. Affected by this vulnerability is an unknown functionality of the file /registration.php. The manipulation of the argument Name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.5 | 0.40% | 2025-07-08 | 2026-06-17 |
| CVE-2025-7169 | A vulnerability classified as critical has been found in code-projects Crime Reporting System 1.0. Affected is an unknown function of the file /complainer_page.php. The manipulation of the argument location leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.5 | 0.40% | 2025-07-08 | 2026-06-17 |
| CVE-2025-7168 | A vulnerability was found in code-projects Crime Reporting System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /userlogin.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.5 | 0.40% | 2025-07-08 | 2026-06-17 |
| CVE-2025-6902 | A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /php_action/editUser.php. The manipulation of the argument edituserName leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.5 | 0.40% | 2025-06-30 | 2026-06-17 |
| CVE-2025-6901 | A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /php_action/removeUser.php. The manipulation of the argument userid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.5 | 0.40% | 2025-06-30 | 2026-06-17 |
| CVE-2025-6900 | A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-book.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 2.1 | 0.35% | 2025-06-30 | 2026-06-17 |
| CVE-2025-40734 | Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the password and confirm_password parameters in /register.php. | [email protected] | 5.1 | 0.17% | 2025-06-30 | 2026-06-17 |
| CVE-2025-40733 | Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the username parameter in /login.php. | [email protected] | 5.1 | 0.17% | 2025-06-30 | 2026-06-17 |
| CVE-2025-40732 | user enumeration vulnerability in Daily Expense Manager v1.0. To exploit this vulnerability a POST request must be sent using the name parameter in /check.php | [email protected] | 8.7 | 0.31% | 2025-06-30 | 2026-06-17 |