Vendor
CVE-2026-10290: Hotel and Tourism Reservation System SQL Injection Vulnerability
2 rules 1 TTP 1 CVEA SQL injection vulnerability exists in code-projects Hotel and Tourism Reservation System version 1.0 due to improper sanitization of the 'tour' GET parameter in the tour.php file, potentially allowing remote attackers to execute arbitrary SQL queries.
CVE-2026-10288 - code-projects Hotel and Tourism Reservation System Authentication Bypass
2 rules 2 TTPs 1 CVECVE-2026-10288 is a high severity vulnerability in code-projects Hotel and Tourism Reservation System 1.0, allowing remote attackers to bypass authentication via manipulation of the Password argument in the /admin/login.php file.
code-projects Online Music Site 1.0 SQL Injection Vulnerability (CVE-2026-10178)
2 rules 1 TTP 1 CVECVE-2026-10178 is a remote SQL injection vulnerability in code-projects Online Music Site 1.0, affecting the /Administrator/PHP/AdminEditAlbum.php file due to manipulation of the ID argument.
CVE-2026-10110: SQL Injection Vulnerability in Student Details Management System
2 rules 1 TTP 1 CVECVE-2026-10110 is a SQL injection vulnerability in code-projects Student Details Management System 1.0, allowing a remote attacker to execute arbitrary SQL commands by manipulating the 'roll' argument in the /index.php file, potentially leading to data breaches and unauthorized access.
code-projects Project Management System SQL Injection Vulnerability (CVE-2026-9584)
2 rules 1 TTP 1 CVEA SQL injection vulnerability (CVE-2026-9584) exists in code-projects Project Management System 1.0 within the chk.php file of the Login component, allowing a remote attacker to execute arbitrary SQL commands.
code-projects Feedback System 1.0 SQL Injection Vulnerability (CVE-2026-8098)
2 rules 1 TTP 1 CVEA SQL injection vulnerability exists in code-projects Feedback System 1.0 via manipulation of the email parameter in /admin/checklogin.php, potentially allowing remote attackers to execute arbitrary SQL commands.
code-projects Online Hospital Management System SQL Injection Vulnerability
2 rules 1 TTP 1 CVECVE-2026-7632 is a SQL injection vulnerability in code-projects Online Hospital Management System 1.0, allowing a remote attacker to execute arbitrary SQL commands by manipulating the 'delid' argument in the '/viewappointment.php' file.
code-projects Plugin 4.1.2cu.5137 Buffer Overflow Vulnerability
2 rules 2 TTPs 1 CVEA buffer overflow vulnerability (CVE-2026-7503) exists in code-projects Plugin 4.1.2cu.5137, allowing a remote attacker to execute arbitrary code by manipulating the 'wepkey2' argument in the 'setWiFiMultipleConfig' function of the '/lib/cste_modules/wireless.so' library, posing a critical risk due to publicly available exploits.
Online Lot Reservation System SQL Injection Vulnerability
2 rules 1 TTP 1 CVECVE-2026-7131 is a SQL injection vulnerability in code-projects Online Lot Reservation System up to version 1.0, affecting the /loginuser.php component via manipulation of the email/password arguments, which could allow remote attackers to execute arbitrary SQL queries.
SQL Injection Vulnerability in code-projects Inventory Management System 1.0
2 rules 1 TTP 1 CVEA SQL injection vulnerability exists in code-projects Inventory Management System 1.0 within the Login component, specifically affecting the Username argument, where a remote attacker can manipulate the Username parameter, leading to unauthorized data access or modification.
code-projects Employee Management System SQL Injection Vulnerability (CVE-2026-7063)
2 rules 1 TTP 1 CVECVE-2026-7063 is a SQL Injection vulnerability in code-projects Employee Management System 1.0 via the 'pwd' parameter in /370project/process/eprocess.php, enabling remote attackers to execute arbitrary SQL commands.