Code-projects

Scholars Tracking System

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-70151

Exploit
  • EPSS 0.25%
  • Veröffentlicht 18.02.2026 00:00:00
  • Zuletzt bearbeitet 23.02.2026 17:53:20

code-projects Scholars Tracking System 1.0 allows an authenticated attacker to achieve remote code execution via unrestricted file upload. The endpoints update_profile_picture.php and upload_picture.php store uploaded files in a web-accessible upload...

9.8

CVE-2025-14951

Exploit
  • EPSS 0.04%
  • Veröffentlicht 19.12.2025 14:32:06
  • Zuletzt bearbeitet 24.12.2025 14:57:18

A security vulnerability has been detected in code-projects Scholars Tracking System 1.0. The impacted element is an unknown function of the file /home.php. Such manipulation of the argument post_content leads to sql injection. The attack can be exec...

9.8

CVE-2025-14950

Exploit
  • EPSS 0.04%
  • Veröffentlicht 19.12.2025 13:32:06
  • Zuletzt bearbeitet 24.02.2026 06:16:29

A weakness has been identified in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /delete_post.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is po...

9.8

CVE-2025-14940

Exploit
  • EPSS 0.04%
  • Veröffentlicht 19.12.2025 04:02:08
  • Zuletzt bearbeitet 24.12.2025 14:56:01

A vulnerability was determined in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /admin/delete_user.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the at...

9.8

CVE-2024-24101

  • EPSS 0.11%
  • Veröffentlicht 12.03.2024 22:15:07
  • Zuletzt bearbeitet 13.03.2025 17:15:28

Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Eligibility Information Update.

7.8

CVE-2024-24092

  • EPSS 0.07%
  • Veröffentlicht 12.03.2024 21:15:58
  • Zuletzt bearbeitet 03.04.2025 13:15:37

SQL Injection vulnerability in Code-projects.org Scholars Tracking System 1.0 allows attackers to run arbitrary code via login.php.

9.8

CVE-2024-24093

  • EPSS 0.15%
  • Veröffentlicht 12.03.2024 21:15:58
  • Zuletzt bearbeitet 03.04.2025 13:15:28

SQL Injection vulnerability in Code-projects Scholars Tracking System 1.0 allows attackers to run arbitrary code via Personal Information Update information.

5.4

CVE-2024-24097

  • EPSS 0.18%
  • Veröffentlicht 12.03.2024 21:15:58
  • Zuletzt bearbeitet 03.04.2025 13:15:11

Cross Site Scripting (XSS) vulnerability in Code-projects Scholars Tracking System 1.0 allows attackers to run arbitrary code via the News Feed.

5.4

CVE-2024-24099

  • EPSS 0.06%
  • Veröffentlicht 27.02.2024 02:15:06
  • Zuletzt bearbeitet 03.04.2025 13:17:06

Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Employment Status Information Update.