Vulnerabilidades em code-projects

1.282 resultados
Análise Vexday

O portfólio de vulnerabilidades do vendor code-projects acumula 1.281 CVEs catalogadas, com volume expressivo de entradas recentes — 136 apenas nos últimos 90 dias —, o que indica ritmo elevado de descobertas e atenção crescente da comunidade de pesquisa. A falha mais frequente é CWE-89 (injeção de SQL), padrão que tende a ser explorado de forma sistemática, e 146 CVEs já possuem prova de conceito pública disponível, reduzindo a barreira técnica para possíveis atacantes. A CVE mais perigosa ativa no momento é CVE-2023-7137, com score EPSS de 0,1703, o maior registrado no conjunto — embora nenhuma CVE desse vendor figure no catálogo KEV da CISA, taxa abaixo da média geral do catálogo. A combinação de PoCs públicas numerosas, falhas de injeção recorrentes e cadência alta de novas vulnerabilidades recomenda atenção prioritária a revisões de código e controles de entrada em projetos que utilizem componentes desse vendor.

CVE-2025-8928MEDIUMcode-projects Medical Store Management System Update Medicines UpdateMedicines.java sql injectionEPSS 0.4%CVE-2025-8929MEDIUMcode-projects Medical Store Management System MainPanel.java sql injectionEPSS 0.4%CVE-2025-3569MEDIUMJamesZBL/code-projects db-hospital-drug ShiroConfig.java improper authorizationEPSS 0.4%CVE-2025-8931MEDIUMcode-projects Medical Store Management System ChangePassword.java sql injectionEPSS 0.4%CVE-2025-12593MEDIUMcode-projects Simple Online Hotel Reservation System Photo edit_room.php unrestricted uploadEPSS 0.4%CVE-2025-9665MEDIUMcode-projects Simple Grading System Admin Panel edit_student.php sql injectionEPSS 0.4%CVE-2025-9667MEDIUMcode-projects Simple Grading System Admin Panel delete_account.php sql injectionEPSS 0.4%CVE-2025-12298MEDIUMcode-projects Simple Food Ordering System editcategory.php cross site scriptingEPSS 0.4%CVE-2025-13449MEDIUMcode-projects Online Shop Project login.php sql injectionEPSS 0.4%CVE-2025-12302MEDIUMcode-projects Simple Food Ordering System editproduct.php cross site scriptingEPSS 0.4%CVE-2026-6149MEDIUMcode-projects Vehicle Showroom Management System BookVehicleFunction.php sql injectionEPSS 0.4%CVE-2026-3709MEDIUMcode-projects Simple Flight Ticket Booking System register.php sql injectionEPSS 0.4%CVE-2025-14537MEDIUMcode-projects Class and Exam Timetable Management preview7.php sql injectionEPSS 0.4%CVE-2025-8018MEDIUMcode-projects Food Ordering Review System reservation_page.php sql injectionEPSS 0.4%CVE-2025-8174MEDIUMcode-projects Voting System candidates_add.php unrestricted uploadEPSS 0.3%CVE-2025-9666MEDIUMcode-projects Simple Grading System Admin Panel delete_student.php sql injectionEPSS 0.3%CVE-2025-6846MEDIUMcode-projects Simple Forum forum_viewfile.php sql injectionEPSS 0.3%CVE-2026-4850MEDIUMcode-projects Simple Laundry System Parameter checkregisitem.php sql injectionEPSS 0.3%CVE-2025-4021MEDIUMcode-projects Patient Record Management System edit_spatient.php sql injectionEPSS 0.3%CVE-2026-5018MEDIUMcode-projects Simple Food Order System Parameter register-router.php sql injectionEPSS 0.3%