Vulnerabilities in code-projects

1,284 results
Vexday analysis

O portfólio de vulnerabilidades do vendor code-projects acumula 1.281 CVEs catalogadas, com volume expressivo de entradas recentes — 136 apenas nos últimos 90 dias —, o que indica ritmo elevado de descobertas e atenção crescente da comunidade de pesquisa. A falha mais frequente é CWE-89 (injeção de SQL), padrão que tende a ser explorado de forma sistemática, e 146 CVEs já possuem prova de conceito pública disponível, reduzindo a barreira técnica para possíveis atacantes. A CVE mais perigosa ativa no momento é CVE-2023-7137, com score EPSS de 0,1703, o maior registrado no conjunto — embora nenhuma CVE desse vendor figure no catálogo KEV da CISA, taxa abaixo da média geral do catálogo. A combinação de PoCs públicas numerosas, falhas de injeção recorrentes e cadência alta de novas vulnerabilidades recomenda atenção prioritária a revisões de código e controles de entrada em projetos que utilizem componentes desse vendor.

CVE-2026-4578MEDIUMcode-projects Exam Form Submission update_s3.php cross site scriptingEPSS 0.3%CVE-2025-8964MEDIUMcode-projects Hostel Management System Login hostel_manage.exe improper authenticationEPSS 0.3%CVE-2025-13580MEDIUMcode-projects Library System mail.php sql injectionEPSS 0.3%CVE-2025-13579MEDIUMcode-projects Library System return.php sql injectionEPSS 0.3%CVE-2026-4557MEDIUMcode-projects Exam Form Submission update_s1.php cross site scriptingEPSS 0.3%CVE-2025-11124MEDIUMcode-projects Project Monitoring System postjob.php cross site scriptingEPSS 0.3%CVE-2026-9418MEDIUMcode-projects Employee Management System changepassemp.php cross site scriptingEPSS 0.3%CVE-2026-10208MEDIUMcode-projects Online Hospital Management System login_1.php login_user sql injectionEPSS 0.3%CVE-2026-9415MEDIUMcode-projects Employee Management System eloginwel.php cross site scriptingEPSS 0.3%CVE-2026-6150MEDIUMcode-projects Simple Laundry System checkupdatestatus.php cross site scriptingEPSS 0.3%CVE-2026-9419MEDIUMcode-projects Employee Management System empproject.php cross site scriptingEPSS 0.3%CVE-2026-9417MEDIUMcode-projects Employee Management System myprofileup.php cross site scriptingEPSS 0.3%CVE-2025-5732MEDIUMcode-projects Traffic Offense Reporting System cross-site request forgeryEPSS 0.3%CVE-2026-11342MEDIUMcode-projects Hotel and Tourism Reservation System details.php sql injectionEPSS 0.3%CVE-2026-4550MEDIUMcode-projects Simple Gym Management System func.php sql injectionEPSS 0.3%CVE-2026-9416MEDIUMcode-projects Employee Management System myprofile.php cross site scriptingEPSS 0.3%CVE-2025-12282MEDIUMcode-projects Client Details System manage-users.php cross site scriptingEPSS 0.3%CVE-2026-1421MEDIUMcode-projects Online Examination System Add Pages cross site scriptingEPSS 0.3%CVE-2025-14222MEDIUMcode-projects Employee Profile Management System print_personnel_report.php sql injectionEPSS 0.3%CVE-2025-14230MEDIUMcode-projects Daily Time Recording System add_payroll.php sql injectionEPSS 0.3%