Vulnerabilities in code-projects

1,282 results
Vexday analysis

O portfólio de vulnerabilidades do vendor code-projects acumula 1.281 CVEs catalogadas, com volume expressivo de entradas recentes — 136 apenas nos últimos 90 dias —, o que indica ritmo elevado de descobertas e atenção crescente da comunidade de pesquisa. A falha mais frequente é CWE-89 (injeção de SQL), padrão que tende a ser explorado de forma sistemática, e 146 CVEs já possuem prova de conceito pública disponível, reduzindo a barreira técnica para possíveis atacantes. A CVE mais perigosa ativa no momento é CVE-2023-7137, com score EPSS de 0,1703, o maior registrado no conjunto — embora nenhuma CVE desse vendor figure no catálogo KEV da CISA, taxa abaixo da média geral do catálogo. A combinação de PoCs públicas numerosas, falhas de injeção recorrentes e cadência alta de novas vulnerabilidades recomenda atenção prioritária a revisões de código e controles de entrada em projetos que utilizem componentes desse vendor.

CVE-2026-3735MEDIUMcode-projects Simple Flight Ticket Booking System SearchResultOneway.php sql injectionEPSS 0.3%CVE-2026-3736MEDIUMcode-projects Simple Flight Ticket Booking System SearchResultRoundtrip.php sql injectionEPSS 0.3%CVE-2025-13574MEDIUMcode-projects Online Bidding System addcategory.php categoryadd unrestricted uploadEPSS 0.3%CVE-2025-0537MEDIUMcode-projects Car Rental Management System manage-pages.php cross site scriptingEPSS 0.3%CVE-2025-1196MEDIUMcode-projects Real Estate Property Management System search.php cross site scriptingEPSS 0.3%CVE-2026-5198MEDIUMcode-projects Student Membership System Admin Login index.php sql injectionEPSS 0.3%CVE-2025-11552MEDIUMcode-projects Online Complaint Site category.php sql injectionEPSS 0.3%CVE-2025-12243MEDIUMcode-projects Client Details System GET Parameter welcome.php sql injectionEPSS 0.3%CVE-2025-11514MEDIUMcode-projects Online Complaint Site index.php sql injectionEPSS 0.3%CVE-2026-4898MEDIUMcode-projects Online Food Ordering System contact.php cross site scriptingEPSS 0.3%CVE-2025-11530MEDIUMcode-projects Online Complaint Site state.php sql injectionEPSS 0.3%CVE-2025-11516MEDIUMcode-projects Online Complaint Site complaint-details.php sql injectionEPSS 0.3%CVE-2025-11603MEDIUMcode-projects Simple Food Ordering System editproduct.php sql injectionEPSS 0.3%CVE-2025-11515MEDIUMcode-projects Online Complaint Site register-complaint.php sql injectionEPSS 0.3%CVE-2025-6122MEDIUMcode-projects Restaurant Order System table.php sql injectionEPSS 0.3%CVE-2026-5033MEDIUMcode-projects Accounting System Parameter view_costumer.php sql injectionEPSS 0.3%CVE-2025-12857MEDIUMcode-projects Responsive Hotel Site roombook.php sql injectionEPSS 0.3%CVE-2026-2220MEDIUMcode-projects Online Reviewer System btn_functions.php sql injectionEPSS 0.3%CVE-2025-12913MEDIUMcode-projects Responsive Hotel Site roomdel.php sql injectionEPSS 0.3%CVE-2025-12856MEDIUMcode-projects Responsive Hotel Site reservation.php sql injectionEPSS 0.3%