Vulnerabilidades em code-projects

1.284 resultados
Análise Vexday

O portfólio de vulnerabilidades do vendor code-projects acumula 1.281 CVEs catalogadas, com volume expressivo de entradas recentes — 136 apenas nos últimos 90 dias —, o que indica ritmo elevado de descobertas e atenção crescente da comunidade de pesquisa. A falha mais frequente é CWE-89 (injeção de SQL), padrão que tende a ser explorado de forma sistemática, e 146 CVEs já possuem prova de conceito pública disponível, reduzindo a barreira técnica para possíveis atacantes. A CVE mais perigosa ativa no momento é CVE-2023-7137, com score EPSS de 0,1703, o maior registrado no conjunto — embora nenhuma CVE desse vendor figure no catálogo KEV da CISA, taxa abaixo da média geral do catálogo. A combinação de PoCs públicas numerosas, falhas de injeção recorrentes e cadência alta de novas vulnerabilidades recomenda atenção prioritária a revisões de código e controles de entrada em projetos que utilizem componentes desse vendor.

CVE-2026-5647MEDIUMcode-projects Online Shoe Store Add Product admin_feature.php cross site scriptingEPSS 0.2%CVE-2026-4575MEDIUMcode-projects Exam Form Submission update_s2.php cross site scriptingEPSS 0.2%CVE-2026-5834MEDIUMcode-projects Online Shoe Store admin_running.php cross site scriptingEPSS 0.2%CVE-2026-7553MEDIUMcode-projects Gym Management System edit_exercises.php sql injectionEPSS 0.2%CVE-2026-5836MEDIUMcode-projects Online Shoe Store admin_product.php cross site scriptingEPSS 0.2%CVE-2026-7732MEDIUMcode-projects BloodBank Managing System request_blood.php unrestricted uploadEPSS 0.2%CVE-2026-4577MEDIUMcode-projects Exam Form Submission update_s4.php cross site scriptingEPSS 0.2%CVE-2026-2222MEDIUMcode-projects Online Reviewer System btn_functions.php cross site scriptingEPSS 0.2%CVE-2026-13504MEDIUMcode-projects Project Management System Mail Compose mail.php cross site scriptingEPSS 0.2%CVE-2026-6003MEDIUMcode-projects Simple IT Discussion Forum user.php cross site scriptingEPSS 0.2%CVE-2026-4972MEDIUMcode-projects Online Reviewer System btn_functions.php cross site scriptingEPSS 0.2%CVE-2025-14663MEDIUMcode-projects Student File Management System update_student.php cross site scriptingEPSS 0.2%CVE-2026-7092MEDIUMcode-projects Invoice System in Laravel Profile profile improper authorizationEPSS 0.2%CVE-2026-7107MEDIUMcode-projects Invoice System in Laravel company unrestricted uploadEPSS 0.2%CVE-2026-7091MEDIUMcode-projects Invoice System in Laravel User Management user improper authorizationEPSS 0.2%CVE-2026-7093MEDIUMcode-projects Invoice System in Laravel Invoice Endpoint invoice improper authorizationEPSS 0.2%CVE-2026-10209MEDIUMcode-projects Online Hospital Management System Appointment appointmentdetail.php sql injectionEPSS 0.2%CVE-2026-2156MEDIUMcode-projects Online Student Management System Announcement Management index.php cross site scriptingEPSS 0.2%CVE-2026-6006MEDIUMcode-projects Patient Record Management System edit_hpatient.php sql injectionEPSS 0.2%CVE-2026-6202MEDIUMcode-projects Easy Blog Site post.php sql injectionEPSS 0.2%