Vulnerabilities in code-projects

1,282 results
Vexday analysis

The vulnerability portfolio of the vendor code-projects totals 1,281 catalogued CVEs, with a significant volume of recent entries (136 in the last 90 days alone), which indicates a high rate of discovery and growing attention from the research community. The most frequent weakness is CWE-89 (SQL injection), a pattern that tends to be exploited systematically, and 146 CVEs already have a public proof of concept available, lowering the technical barrier for potential attackers. The most dangerous CVE currently active is CVE-2023-7137, with an EPSS score of 0.1703, the highest recorded in the set, although no CVE from this vendor appears in CISA's KEV catalog, a rate below the catalog's overall average. The combination of numerous public PoCs, recurring injection flaws and a high cadence of new vulnerabilities calls for priority attention to code review and input controls in projects that use components from this vendor.

CVE-2025-11608 | MEDIUM | code-projects E-Banking System POST Parameter register.php sql injection | EPSS 0.4%
CVE-2025-11396 | MEDIUM | code-projects Simple Food Ordering System product.php sql injection | EPSS 0.4%
CVE-2025-12306 | MEDIUM | code-projects Nero Social Networking Site acceptoffres.php sql injection | EPSS 0.4%
CVE-2025-0531 | MEDIUM | code-projects Chat System leaveroom.php sql injection | EPSS 0.4%
CVE-2024-0467 | LOW | code-projects Employee Profile Management System edit_position_query.php cross site scripting | EPSS 0.4%
CVE-2024-12939 | MEDIUM | code-projects Job Recruitment _all_edits.php add_edu sql injection | EPSS 0.4%
CVE-2025-0172 | MEDIUM | code-projects Chat System deleteroom.php sql injection | EPSS 0.4%
CVE-2025-0171 | MEDIUM | code-projects Chat System deleteuser.php sql injection | EPSS 0.4%
CVE-2025-0176 | MEDIUM | code-projects Point of Sales and Inventory Management System add_cart.php sql injection | EPSS 0.4%
CVE-2025-2589 | MEDIUM | code-projects Human Resource Management System Account.go Index improper authorization | EPSS 0.4%
CVE-2024-10989 | MEDIUM | code-projects E-Health Care System detail.php sql injection | EPSS 0.4%
CVE-2024-10987 | MEDIUM | code-projects E-Health Care System user_appointment.php sql injection | EPSS 0.4%
CVE-2025-6834 | MEDIUM | code-projects Inventory Management System editPayment.php sql injection | EPSS 0.4%
CVE-2025-7587 | MEDIUM | code-projects Online Appointment Booking System cover.php sql injection | EPSS 0.4%
CVE-2026-4579 | MEDIUM | code-projects Simple Laundry System Parameters viewdetail.php sql injection | EPSS 0.4%
CVE-2025-1210 | MEDIUM | code-projects Wazifa System control.php sql injection | EPSS 0.4%
CVE-2024-9803 | MEDIUM | code-projects Blood Bank Management System blooddetails.php cross site scripting | EPSS 0.4%
CVE-2024-12001 | MEDIUM | code-projects Wazifa System Setting updatesettings.php cross site scripting | EPSS 0.4%
CVE-2024-10142 | MEDIUM | code-projects Blood Bank System viewrequest.php cross site scripting | EPSS 0.4%
CVE-2024-12000 | MEDIUM | code-projects Blood Bank System Setting updatesettings.php cross site scripting | EPSS 0.4%