Vulnerabilities in code-projects

1,282 results
Vexday analysis

The vulnerability portfolio of the vendor code-projects has accumulated 1,281 catalogued CVEs, with a significant volume of recent entries (136 in the last 90 days alone), which indicates a high rate of discovery and growing attention from the research community. The most frequent flaw is CWE-89 (SQL injection), a pattern that tends to be exploited systematically, and 146 CVEs already have a public proof of concept available, lowering the technical barrier for potential attackers. The most dangerous CVE currently active is CVE-2023-7137, with an EPSS score of 0.1703, the highest recorded in the set, although no CVE from this vendor appears in CISA's KEV catalog, a rate below the catalog's overall average. The combination of numerous public PoCs, recurring injection flaws and a high cadence of new vulnerabilities calls for priority attention to code reviews and input controls in projects that use components from this vendor.

CVE-2025-5857 | MEDIUM | code-projects Patient Record Management System urinalysis_record.php sql injection | EPSS 0.4%
CVE-2025-7188 | MEDIUM | code-projects Chat System addmember.php sql injection | EPSS 0.4%
CVE-2025-7189 | MEDIUM | code-projects Chat System send_message.php sql injection | EPSS 0.4%
CVE-2025-0538 | MEDIUM | code-projects Tourism Management System manage-pages.php cross site scripting | EPSS 0.4%
CVE-2026-1533 | MEDIUM | code-projects Online Music Site AdminAddCategory.php sql injection | EPSS 0.4%
CVE-2025-11597 | MEDIUM | code-projects E-Commerce Website product_add_qty.php sql injection | EPSS 0.4%
CVE-2025-11553 | MEDIUM | code-projects Courier Management System add-courier.php sql injection | EPSS 0.4%
CVE-2025-7210 | MEDIUM | code-projects/Fabian Ros Library Management System profile_update.php unrestricted upload | EPSS 0.4%
CVE-2025-11509 | MEDIUM | code-projects E-Commerce Website product_add.php sql injection | EPSS 0.4%
CVE-2025-11431 | MEDIUM | code-projects Web-Based Inventory and POS System transaction.php sql injection | EPSS 0.4%
CVE-2025-11511 | MEDIUM | code-projects E-Commerce Website supplier_add.php sql injection | EPSS 0.4%
CVE-2025-11551 | MEDIUM | code-projects Student Result Manager Database.java sql injection | EPSS 0.4%
CVE-2025-8435 | MEDIUM | code-projects Online Movie Streaming admin-control.php authorization | EPSS 0.4%
CVE-2025-7124 | MEDIUM | code-projects Online Note Sharing Profile Image userprofile.php unrestricted upload | EPSS 0.4%
CVE-2025-3305 | MEDIUM | 1902756969/code-projects IKUN_Library Borrow MvcConfig.java addInterceptors access control | EPSS 0.4%
CVE-2026-6032 | MEDIUM | code-projects Simple Laundry System checkcheckout.php cross site scripting | EPSS 0.4%
CVE-2025-2390 | MEDIUM | code-projects Blood Bank Management System add_donor.php sql injection | EPSS 0.4%
CVE-2026-5826 | MEDIUM | code-projects Simple IT Discussion Forum edit-category.php cross site scripting | EPSS 0.4%
CVE-2025-14646 | MEDIUM | code-projects Student File Management System delete_student.php sql injection | EPSS 0.4%
CVE-2025-14623 | MEDIUM | code-projects Student File Management System update_student.php sql injection | EPSS 0.4%