Medium
CVE-2025-6842
A vulnerability was found in code-projects Product Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/edit_user.php. The manipulation of th…
Tag: PHP
All CVEs associated with "PHP". Page 48/312 • 37334 CVEs.
Subscribe CVEs: RSS for “PHP” · RSS (High+Critical only)
About “PHP”
A curated feed of “PHP”-related CVEs appears below. We currently track 37334 CVEs for this tag (all time). In the last 365 days, 6066 were published. Average CVSS is 6.7 (all time; 6.9 over 365d), and 50% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), CWE-98 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion').
In our taxonomy this topic maps to a LOW impact class. Language runtimes and libraries cascade through dependency graphs. Upgrade runtime and toolchain, pin versions, rebuild images, and enable SAST or DAST and linters. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2025-06-29
Medium
CVE-2025-6841
A vulnerability has been found in code-projects Product Inventory System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit_product.php. The manipulation…
High
CVE-2025-6840
A vulnerability, which was classified as critical, was found in code-projects Product Inventory System 1.0. This affects an unknown part of the file /index.php of the component Login. The manipulatio…
Medium
CVE-2025-6839
A vulnerability, which was classified as critical, has been found in Conjure Position Department Service Quality Evaluation System up to 1.0.11. Affected by this issue is the function eval of the fil…
Medium
CVE-2025-6837
A vulnerability classified as critical was found in code-projects Library System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argu…
High
CVE-2025-6836
A vulnerability classified as critical has been found in code-projects Library System 1.0. Affected is an unknown function of the file /profile.php. The manipulation of the argument phone leads to sq…
High
CVE-2025-6835
A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student-issue-book.php. The manipulation of the a…
High
CVE-2025-6834
A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /php_action/editPayment.php. The mani…
2025-06-28
High
CVE-2025-6828
A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /orders.php. The manipulation of the ar…
Medium
CVE-2025-53392
In Netgate pfSense CE 2.8.0, the "WebCfg - Diagnostics: Command" privilege allows reading arbitrary files via diag_command.php dlPath directory traversal. NOTE: the Supplier's perspective is that thi…
High
CVE-2025-6827
A vulnerability, which was classified as critical, was found in code-projects Inventory Management System 1.0. This affects an unknown part of the file /php_action/editOrder.php. The manipulation lea…
High
CVE-2025-6826
A vulnerability, which was classified as critical, has been found in code-projects Payroll Management System 1.0. Affected by this issue is some unknown functionality of the file /Payroll_Management_…
High
CVE-2025-6823
A vulnerability was found in code-projects Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /php_action/editProduct.php. The mani…
High
CVE-2025-6822
A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /php_action/removeProduct.php. The ma…
High
CVE-2025-6821
A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /php_action/createOrder.php. The manipulation…
High
CVE-2025-6820
A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /php_action/createProduct.php.…
High
CVE-2025-6819
A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /php_action/removeBr…
High
CVE-2025-6755
The Game Users Share Buttons plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the ajaxDeleteTheme() function in all versions up to, and includ…
High
CVE-2025-6381
The BeeTeam368 Extensions plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.3.4 via the handle_remove_temp_file() function. This makes it possible for…
High
CVE-2025-6379
The BeeTeam368 Extensions Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.3.4 via the handle_live_fn() function. This makes it possible for authe…
2025-06-27
Low
CVE-2025-6778
A vulnerability, which was classified as problematic, was found in code-projects Food Distributor Site 1.0. Affected is an unknown function of the file /admin/save_settings.php. The manipulation of t…
High
CVE-2025-6777
A vulnerability, which was classified as critical, has been found in code-projects Food Distributor Site 1.0. This issue affects some unknown processing of the file /admin/process_login.php. The mani…
Critical
CVE-2025-52207
PBXCoreREST/Controllers/Files/PostController.php in MikoPBX through 2024.1.114 allows uploading a PHP script to an arbitrary directory.
Medium
CVE-2025-50370
A Cross-Site Request Forgery (CSRF) vulnerability exists in the Inquiry Management functionality /mcgs/admin/readenq.php of the Phpgurukul Medical Card Generation System 1.0. The vulnerable endpoint…
Medium
CVE-2025-50369
A Cross-Site Request Forgery (CSRF) vulnerability exists in the Manage Card functionality (/mcgs/admin/manage-card.php) of PHPGurukul Medical Card Generation System 1.0. The vulnerable endpoint allow…
Medium
CVE-2025-50367
A stored blind XSS vulnerability exists in the Contact Page of the Phpgurukul Medical Card Generation System 1.0 mcgs/contact.php. The name field fails to properly sanitize user input, allowing an at…
Critical
CVE-2025-53091
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Time-Based Blind SQL Injection vulnerability was discovered in version 3.3.3 the almox param…
High
CVE-2025-53339
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in devnex Devnex Addons For Elementor devnex-addons-for-elementor allows PHP Loca…
High
CVE-2025-53281
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WPBean WPB Category Slider for WooCommerce wpb-woocommerce-category-slider all…
High
CVE-2025-53259
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in nicdark Hotel Booking nd-booking allows PHP Local File Inclusion.This issue af…
High
CVE-2025-53257
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Serhii Pasyuk Gmedia Photo Gallery grand-media allows PHP Local File Inclusion…
Medium
CVE-2025-44163
RaspAP raspap-webgui 3.3.1 is vulnerable to Directory Traversal in ajax/networking/get_wgkey.php. An authenticated attacker can send a crafted POST request with a path traversal payload in the `entit…
High
CVE-2025-52816
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themehunk Zita zita allows PHP Local File Inclusion.This issue affects Zita: f…
High
CVE-2025-52815
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes CityGov citygov allows PHP Local File Inclusion.This issue affect…
High
CVE-2025-52814
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme BRW ova-brw allows PHP Local File Inclusion.This issue affects BRW: f…
High
CVE-2025-52812
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusWP Domnoo domnoo allows PHP Local File Inclusion.This issue affects Domnoo…
High
CVE-2025-52811
Path Traversal: '.../...//' vulnerability in Creanncy Davenport - Versatile Blog and Magazine WordPress Theme davenport allows PHP Local File Inclusion.This issue affects Davenport - Versatile Blog a…
High
CVE-2025-52810
Path Traversal vulnerability in TMRW-studio Katerio - Magazine allows PHP Local File Inclusion. This issue affects Katerio - Magazine: from n/a through 1.5.1.
High
CVE-2025-52809
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in John Russell National Weather Service Alerts national-weather-service-alerts a…
High
CVE-2025-52808
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in real-web RealtyElite realtyelite allows PHP Local File Inclusion.This issue af…
High
CVE-2025-52729
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Diza diza allows PHP Local File Inclusion.This issue affects Diza: fro…
High
CVE-2025-52723
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in codesupplyco Networker networker allows PHP Local File Inclusion.This issue af…
High
CVE-2025-49886
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WebGeniusLab Zikzag Core zikzag-core allows PHP Local File Inclusion.This issu…
High
CVE-2025-49883
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Greenmart greenmart allows PHP Local File Inclusion.This issue affects…
High
CVE-2025-49416
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Fastw3b LLC FW Gallery fw-gallery allows PHP Local File Inclusion.This issue a…
High
CVE-2025-32298
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Case-Themes CTUsers ctuser allows PHP Local File Inclusion.This issue affects…
High
CVE-2025-30992
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Puca puca allows PHP Local File Inclusion.This issue affects Puca: fro…
High
CVE-2025-28998
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in serpednet SERPed.net serped-net allows PHP Local File Inclusion.This issue aff…
High
CVE-2025-28990
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme SNS Vicky snsvicky allows PHP Local File Inclusion.This issue affects…
High
CVE-2025-28947
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme MBStore - Digital WooCommerce WordPress Theme mbstore allows PHP Loca…
High
CVE-2025-28946
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme PrintXtore bw-printxtore allows PHP Local File Inclusion.This issue a…
High
CVE-2025-24769
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme Zenny bw-zenny allows PHP Local File Inclusion.This issue affects Zen…
High
CVE-2025-24760
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Sofass sofass allows PHP Local File Inclusion.This issue affects So…
High
CVE-2023-25998
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Samex - Clean, Minimal Shop WooCommerce WordPress Theme allows PHP Lo…
2025-06-26
Low
CVE-2025-6699
A vulnerability classified as problematic has been found in LabRedesCefetRJ WeGIA 3.4.0. This affects an unknown part of the file /html/funcionario/cadastro_funcionario.php of the component Cadastro…
Medium
CVE-2025-51671
A SQL injection vulnerability was discovered in the PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability allows remote attackers to execute arbitrary SQL code via the category and cate…
Medium
CVE-2025-50350
PHPGurukul Pre-School Enrollment System Project v1.0 is vulnerable to Directory Traversal in manage-classes.php.
Critical
CVE-2025-34046
An unauthenticated file upload vulnerability exists in the Fanwei E-Office <= v9.4 web management interface. The vulnerability affects the /general/index/UploadFile.php endpoint, which improperly val…
High
CVE-2025-34045
A path traversal vulnerability exists in WeiPHP 5.0, an open source WeChat public account platform development framework by Shenzhen Yuanmengyun Technology Co., Ltd. The flaw occurs in the picUrl par…
Critical
CVE-2025-34044
A remote command injection vulnerability exists in the confirm.php interface of the WIFISKY 7-layer Flow Control Router via a specially-crafted HTTP GET request to the t parameter. Insufficient input…
Low
CVE-2025-6698
A vulnerability was found in LabRedesCefetRJ WeGIA 3.4.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /html/matPat/adicionar_tipoSaida.php of th…
Low
CVE-2025-6697
A vulnerability was found in LabRedesCefetRJ WeGIA 3.4.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /html/matPat/adicionar_tipoEntrad…
Low
CVE-2025-6696
A vulnerability was found in LabRedesCefetRJ WeGIA 3.4.0. It has been classified as problematic. Affected is an unknown function of the file /html/atendido/Cadastro_Atendido.php of the component Cada…
High
CVE-2025-51672
A time-based blind SQL injection vulnerability was identified in the PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability exists in the manage-companies.php file and allows remote atta…
Low
CVE-2025-6695
A vulnerability was found in LabRedesCefetRJ WeGIA 3.4.0 and classified as problematic. This issue affects some unknown processing of the file /html/matPat/adicionar_categoria.php of the component Ad…
Low
CVE-2025-6694
A vulnerability has been found in LabRedesCefetRJ WeGIA 3.4.0 and classified as problematic. This vulnerability affects unknown code of the file /html/matPat/adicionar_unidade.php of the component Ad…
2025-06-25
High
CVE-2025-6668
A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /php_action/fetchSelectedBrand.php. The manipu…
Medium
CVE-2025-6667
A vulnerability was found in code-projects Car Rental System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/add_cars.php. The manipulation of…
High
CVE-2025-6665
A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /php_action/editBran…
High
CVE-2023-44915
A cross-site scripting (XSS) vulnerability in the component /Login.php of c3crm up to v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the login_er…
High
CVE-2025-6612
A vulnerability was found in code-projects Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /php_action/removeCategories.php. The…
High
CVE-2025-6611
A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /php_action/createBrand.php. The mani…
Medium
CVE-2025-6610
A vulnerability was found in itsourcecode Employee Management System up to 1.0. It has been classified as critical. This affects an unknown part of the file /admin/editempprofile.php. The manipulatio…
Medium
CVE-2025-6609
A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /panel/bwdates-reports-detail…
Medium
CVE-2025-6608
A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-servic…
High
CVE-2024-27685
SQL Injection vulnerability in Student Record system Using PHP and MySQL v.3.20 allows a remote attacker to obtain sensitive information via a crafted payload to the $cshortname, $cfullname, and $cda…
Critical
CVE-2021-4457
The ZoomSounds plugin before 6.05 contains a PHP file allowing unauthenticated users to upload an arbitrary file anywhere on the web server.
Medium
CVE-2025-6607
A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/stock.php. The manipulation of the…
Medium
CVE-2025-6606
A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. This issue affects some unknown processing of the file /panel/add-services.php. T…
Medium
CVE-2025-6605
A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. This vulnerability affects unknown code of the file /panel/edit-staff.php. The manipulation of the…
Medium
CVE-2025-6604
A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/add-staff.php. The manipulation of the argume…
Low
CVE-2025-6613
A vulnerability classified as problematic was found in PHPGurukul Hospital Management System 4.0. Affected by this vulnerability is an unknown functionality of the file /doctor/manage-patient.php. Th…
High
CVE-2025-5927
The Everest Forms (Pro) plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_entry_files() function in all versions up to, and includin…
Medium
CVE-2025-6583
A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /view-appointment.php. The manipulation of th…
Medium
CVE-2025-6582
A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. Affected by this issue is some unknown functionality of the file /edit-customer-d…
2025-06-24
Medium
CVE-2025-6581
A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-customer.php. The mani…
High
CVE-2025-6579
A vulnerability was found in code-projects Car Rental System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /message_admin.php. The manipulation of the arg…
High
CVE-2025-6578
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/delete_account.php.…
Medium
CVE-2025-6570
A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 4.0. Affected by this issue is some unknown functionality of the file /doctor/search.php. Th…
Medium
CVE-2025-50699
PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Cross Site Scripting (XSS) in odms/admin/view-user-queries.php.
Medium
CVE-2025-50695
PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Cross Site Scripting (XSS) in /admin/view-booking-detail.php and /admin/invoice-generating.php.
Medium
CVE-2025-50693
PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Insecure Direct Object Reference (IDOR) in odms/request-details.php.
Critical
CVE-2021-41691
A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "student_id" and "TRANSFER{SCHOOL]" parameters in POST request sent to /TransferredOutModal.php.
Medium
CVE-2025-6569
A vulnerability classified as problematic was found in code-projects School Fees Payment System 1.0. Affected by this vulnerability is an unknown functionality of the file /student.php. The manipulat…
High
CVE-2025-6567
A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file Recruitment/admin/view_applicati…
Medium
CVE-2025-34032
A reflected cross-site scripting (XSS) vulnerability exists in the Moodle LMS Jmol plugin version 6.1 and prior via the data parameter in jsmol.php. The application fails to properly sanitize user in…
High
CVE-2025-34031
A path traversal vulnerability exists in the Moodle LMS Jmol plugin version 6.1 and prior via the query parameter in jsmol.php. The script directly passes user input to the file_get_contents() functi…
2025-06-23
Critical
CVE-2025-52562
Convoy is a KVM server management panel for hosting businesses. In versions 3.9.0-rc3 to before 4.4.1, there is a directory traversal vulnerability in the LocaleController component of Performave Con…
High
CVE-2025-50349
PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-teacher-pic.php.
High
CVE-2025-50348
PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-class-pic.php.
Critical
CVE-2025-46101
SQL Injection vulnerability in Beakon Software Beakon Learning Management System Sharable Content Object Reference Model (SCORM) version before 5.4.3 allows a remote attacker to obtain sensitive info…
Critical
CVE-2025-52921
In Innoshop through 0.4.1, an authenticated attacker could exploit the File Manager functions in the admin panel to achieve code execution on the server, by uploading a crafted file and then renaming…
High
CVE-2025-6503
A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /php_action/fetchSelectedCategories.php.…
High
CVE-2025-6502
A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /php_action/changePassword.php. The man…
High
CVE-2025-6501
A vulnerability, which was classified as critical, was found in code-projects Inventory Management System 1.0. This affects an unknown part of the file /php_action/createCategories.php. The manipulat…
High
CVE-2025-6500
A vulnerability, which was classified as critical, has been found in code-projects Inventory Management System 1.0. Affected by this issue is some unknown functionality of the file /php_action/editCa…
2025-06-22
High
CVE-2025-6489
A vulnerability has been found in itsourcecode Agri-Trading Online Shopping System 1.0 and classified as critical. This vulnerability affects unknown code of the file /transactionsave.php. The manipu…
Medium
CVE-2025-6484
A vulnerability was found in code-projects Online Shopping Store 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /action.php. The manipulation of the…
High
CVE-2025-6483
A vulnerability has been found in code-projects Simple Pizza Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edituser.php. The…
High
CVE-2025-6482
A vulnerability, which was classified as critical, was found in code-projects Simple Pizza Ordering System 1.0. Affected is an unknown function of the file /edituser-exec.php. The manipulation of the…
High
CVE-2025-6481
A vulnerability, which was classified as critical, has been found in code-projects Simple Pizza Ordering System 1.0. This issue affects some unknown processing of the file /update.php. The manipulati…
High
CVE-2025-6480
A vulnerability classified as critical was found in code-projects Simple Pizza Ordering System 1.0. This vulnerability affects unknown code of the file /addcatexec.php. The manipulation of the argume…
High
CVE-2025-6479
A vulnerability classified as critical has been found in code-projects Simple Pizza Ordering System 1.0. This affects an unknown part of the file /salesreport.php. The manipulation of the argument da…
High
CVE-2025-6474
A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /changeUsername.php. The manipulation o…
Medium
CVE-2025-6473
A vulnerability, which was classified as problematic, was found in code-projects School Fees Payment System 1.0. This affects an unknown part of the file /fees.php. The manipulation of the argument t…
High
CVE-2025-6472
A vulnerability, which was classified as critical, has been found in code-projects Online Bidding System 1.0. Affected by this issue is some unknown functionality of the file /showprod.php. The manip…
High
CVE-2025-6470
A vulnerability classified as critical has been found in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /bidlog.php. The manipulation of the argument ID leads to…
High
CVE-2025-6469
A vulnerability was found in code-projects Online Bidding System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /details.php. The manipulation of the argum…
High
CVE-2025-6468
A vulnerability was found in code-projects Online Bidding System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /bidnow.php. The manipulation of the argume…
High
CVE-2025-6467
A vulnerability was found in code-projects Online Bidding System 1.0. It has been classified as critical. This affects an unknown part of the file /login.php. The manipulation of the argument User le…