Vulnerabilities in code-projects

1,284 results
Vexday analysis

The vulnerability portfolio of the vendor code-projects totals 1,281 catalogued CVEs, with a substantial volume of recent entries (136 in the last 90 days alone), which indicates a high rate of discovery and growing attention from the research community. The most frequent weakness is CWE-89 (SQL injection), a pattern that tends to be exploited systematically, and 146 CVEs already have a public proof of concept available, lowering the technical barrier for potential attackers. The most dangerous CVE currently active is CVE-2023-7137, with an EPSS score of 0.1703, the highest recorded in the set, although no CVE from this vendor appears in CISA's KEV catalog, a rate below the catalog's overall average. The combination of numerous public PoCs, recurring injection flaws and a high cadence of new vulnerabilities recommends priority attention to code reviews and input controls in projects that use components from this vendor.

CVE-2025-6480 | MEDIUM | code-projects Simple Pizza Ordering System addcatexec.php sql injection | EPSS 0.4%
CVE-2025-6468 | MEDIUM | code-projects Online Bidding System bidnow.php sql injection | EPSS 0.4%
CVE-2025-6418 | MEDIUM | code-projects Simple Online Hotel Reservation System edit_query_account.php sql injection | EPSS 0.4%
CVE-2025-6123 | MEDIUM | code-projects Restaurant Order System payment.php sql injection | EPSS 0.4%
CVE-2025-6316 | MEDIUM | code-projects Online Shoe Store admin_running.php sql injection | EPSS 0.4%
CVE-2025-6471 | MEDIUM | code-projects Online Bidding System administrator sql injection | EPSS 0.4%
CVE-2025-6304 | MEDIUM | code-projects Online Shoe Store cart.php sql injection | EPSS 0.4%
CVE-2025-6503 | MEDIUM | code-projects Inventory Management System fetchSelectedCategories.php sql injection | EPSS 0.4%
CVE-2025-7512 | MEDIUM | code-projects Modern Bag contact-back.php sql injection | EPSS 0.4%
CVE-2025-6578 | MEDIUM | code-projects Simple Online Hotel Reservation System delete_account.php sql injection | EPSS 0.4%
CVE-2025-7513 | MEDIUM | code-projects Modern Bag slideupdate.php sql injection | EPSS 0.4%
CVE-2025-6449 | MEDIUM | code-projects Simple Online Hotel Reservation System checkout_query.php sql injection | EPSS 0.4%
CVE-2025-1374 | MEDIUM | code-projects Real Estate Property Management System search.php sql injection | EPSS 0.4%
CVE-2025-8164 | MEDIUM | code-projects Public Chat Room send_message.php sql injection | EPSS 0.4%
CVE-2024-10448 | MEDIUM | code-projects Blood Bank Management System delete.php cross-site request forgery | EPSS 0.4%
CVE-2026-4908 | MEDIUM | code-projects Simple Laundry System Parameter modstaffinfo.php sql injection | EPSS 0.4%
CVE-2025-5704 | MEDIUM | code-projects Real Estate Property Management System User.php sql injection | EPSS 0.4%
CVE-2025-15196 | MEDIUM | code-projects Assessment Management login.php sql injection | EPSS 0.4%
CVE-2025-1197 | MEDIUM | code-projects Real Estate Property Management System load_user-profile.php sql injection | EPSS 0.4%
CVE-2024-13035 | MEDIUM | code-projects Chat System update_user.php sql injection | EPSS 0.4%