Vulnerabilidades en code-projects

1284 resultados
Análisis Vexday

O portfólio de vulnerabilidades do vendor code-projects acumula 1.281 CVEs catalogadas, com volume expressivo de entradas recentes — 136 apenas nos últimos 90 dias —, o que indica ritmo elevado de descobertas e atenção crescente da comunidade de pesquisa. A falha mais frequente é CWE-89 (injeção de SQL), padrão que tende a ser explorado de forma sistemática, e 146 CVEs já possuem prova de conceito pública disponível, reduzindo a barreira técnica para possíveis atacantes. A CVE mais perigosa ativa no momento é CVE-2023-7137, com score EPSS de 0,1703, o maior registrado no conjunto — embora nenhuma CVE desse vendor figure no catálogo KEV da CISA, taxa abaixo da média geral do catálogo. A combinação de PoCs públicas numerosas, falhas de injeção recorrentes e cadência alta de novas vulnerabilidades recomenda atenção prioritária a revisões de código e controles de entrada em projetos que utilizem componentes desse vendor.

CVE-2025-13576MEDIUMcode-projects Blog Site admin.php improper authorizationEPSS 0.2%CVE-2025-7756MEDIUMcode-projects E-Commerce Site cross-site request forgeryEPSS 0.2%CVE-2026-9450MEDIUMcode-projects Employee Management System psubmit.php sql injectionEPSS 0.2%CVE-2026-9449MEDIUMcode-projects Employee Management System changepassemp.php sql injectionEPSS 0.2%CVE-2026-9451MEDIUMcode-projects Employee Management System applyleaveprocess.php sql injectionEPSS 0.2%CVE-2026-7731MEDIUMcode-projects BloodBank Managing System get_state.php sql injectionEPSS 0.2%CVE-2026-5649MEDIUMcode-projects Online Application System for Admission Endpoint admsnform.php sql injectionEPSS 0.2%CVE-2026-10170MEDIUMcode-projects Visitor Management System phone_0.php sql injectionEPSS 0.2%CVE-2026-2176MEDIUMcode-projects Contact Management System index.py sql injectionEPSS 0.2%CVE-2025-4037MEDIUMcode-projects ATM Banking moneyWithdraw logic errorEPSS 0.2%CVE-2026-5806MEDIUMcode-projects Easy Blog Site update.php cross site scriptingEPSS 0.2%CVE-2025-5651MEDIUMcode-projects Traffic Offense Reporting System saveuser.php cross site scriptingEPSS 0.2%CVE-2025-5797MEDIUMcode-projects Laundry System insert_type.php cross site scriptingEPSS 0.2%CVE-2025-5796MEDIUMcode-projects Laundry System edit_type.php cross site scriptingEPSS 0.2%CVE-2025-15199MEDIUMcode-projects College Notes Uploading System userprofile.php unrestricted uploadEPSS 0.2%CVE-2025-12279MEDIUMcode-projects Client Details System welcome.php cross site scriptingEPSS 0.2%CVE-2025-6340MEDIUMcode-projects School Fees Payment System branch.php cross site scriptingEPSS 0.2%CVE-2026-7229MEDIUMcode-projects Coaching Management System POST reply.php sql injectionEPSS 0.2%CVE-2025-5766MEDIUMcode-projects Laundry System cross-site request forgeryEPSS 0.2%CVE-2026-7222MEDIUMcode-projects Coaching Management System Complaint Form complaint.php cross site scriptingEPSS 0.2%