Vulnerabilities > Code Projects > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-28 | CVE-2023-7136 | Cross-site Scripting vulnerability in Code-Projects Record Management System 1.0 A vulnerability classified as problematic was found in code-projects Record Management System 1.0. | 5.4 |
| 2023-12-22 | CVE-2023-7075 | Cross-site Scripting vulnerability in Code-Projects Point of Sales and Inventory Management System 1.0 A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0 and classified as problematic. | 6.1 |
| 2023-11-14 | CVE-2023-46023 | SQL Injection vulnerability in Code-Projects Simple Task List 1.0 SQL injection vulnerability in addTask.php in Code-Projects Simple Task List 1.0 allows attackers to obtain sensitive information via the 'status' parameter. | 6.5 |
| 2023-11-14 | CVE-2023-46580 | Cross-site Scripting vulnerability in Code-Projects Inventory Management 1.0 Cross-Site Scripting (XSS) vulnerability in Inventory Management V1.0 allows attackers to execute arbitrary code via the pname parameter of the editProduct.php component. | 5.4 |
| 2023-11-14 | CVE-2023-46581 | SQL Injection vulnerability in Code-Projects Inventory Management 1.0 SQL injection vulnerability in Inventory Management v.1.0 allows a local attacker to execute arbitrary code via the name, uname and email parameters in the registration.php component. | 5.5 |
| 2023-11-13 | CVE-2023-46019 | Cross-site Scripting vulnerability in Code-Projects Blood Bank 1.0 Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter. | 6.1 |
| 2023-11-13 | CVE-2023-46020 | Cross-site Scripting vulnerability in Code-Projects Blood Bank 1.0 Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters. | 6.1 |
| 2023-11-13 | CVE-2023-46021 | SQL Injection vulnerability in Code-Projects Blood Bank 1.0 SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary commands via the 'reqid' parameter. | 5.5 |
| 2023-11-13 | CVE-2023-46014 | SQL Injection vulnerability in Code-Projects Blood Bank 1.0 SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters. | 5.5 |
| 2023-11-13 | CVE-2023-46015 | Cross-site Scripting vulnerability in Code-Projects Blood Bank 1.0 Cross Site Scripting (XSS) vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL. | 6.1 |