Code-Projects Accounting System vulnerabilities

CVE-2026-5150 [MEDIUM] CWE-74 CVE-2026-5150: A security vulnerability has been detected in code-projects Accounting System 1.0. This issue affect A security vulnerability has been detected in code-projects Accounting System 1.0. This issue affects some unknown processing of the file /viewin_costumer.php of the component Parameter Handler. Such manipulation of the argument cos_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.

CVE-2026-5034 [MEDIUM] CWE-74 CVE-2026-5034: A flaw has been found in code-projects Accounting System 1.0. Affected by this issue is some unknown A flaw has been found in code-projects Accounting System 1.0. Affected by this issue is some unknown functionality of the file /edit_costumer.php of the component Parameter Handler. This manipulation of the argument cos_id causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.

CVE-2026-5033 [MEDIUM] CWE-74 CVE-2026-5033: A vulnerability was detected in code-projects Accounting System 1.0. Affected by this vulnerability A vulnerability was detected in code-projects Accounting System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_costumer.php of the component Parameter Handler. The manipulation of the argument cos_id results in sql injection. The attack may be performed from remote. The exploit is now public and may be used.

CVE-2026-5035 [MEDIUM] CWE-74 CVE-2026-5035: A vulnerability has been found in code-projects Accounting System 1.0. This affects an unknown part A vulnerability has been found in code-projects Accounting System 1.0. This affects an unknown part of the file /view_work.php of the component Parameter Handler. Such manipulation of the argument en_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2026-4835 [MEDIUM] CWE-79 CVE-2026-4835: A security vulnerability has been detected in code-projects Accounting System 1.0. Impacted is an un A security vulnerability has been detected in code-projects Accounting System 1.0. Impacted is an unknown function of the file /my_account/add_costumer.php of the component Web Application Interface. Such manipulation of the argument costumer_name leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed pub

CVE-2026-4836 [MEDIUM] CWE-74 CVE-2026-4836: A vulnerability was detected in code-projects Accounting System 1.0. The affected element is an unkn A vulnerability was detected in code-projects Accounting System 1.0. The affected element is an unknown function of the file /my_account/delete.php. Performing a manipulation of the argument cos_id results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.