Code-Projects Scholars Tracking System vulnerabilities

CVE-2025-14940 [MEDIUM] CWE-74 CVE-2025-14940: A vulnerability was determined in code-projects Scholars Tracking System 1.0. The affected element i A vulnerability was determined in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /admin/delete_user.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.

CVE-2025-14950 [MEDIUM] CWE-74 CVE-2025-14950: A weakness has been identified in code-projects Scholars Tracking System 1.0. The affected element i A weakness has been identified in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /delete_post.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks.

CVE-2025-14951 [MEDIUM] CWE-74 CVE-2025-14951: A security vulnerability has been detected in code-projects Scholars Tracking System 1.0. The impact A security vulnerability has been detected in code-projects Scholars Tracking System 1.0. The impacted element is an unknown function of the file /home.php. Such manipulation of the argument post_content leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.

CVE-2024-24093 [CRITICAL] CWE-89 CVE-2024-24093: SQL Injection vulnerability in Code-projects Scholars Tracking System 1.0 allows attackers to run ar SQL Injection vulnerability in Code-projects Scholars Tracking System 1.0 allows attackers to run arbitrary code via Personal Information Update information.

CVE-2024-24101 [CRITICAL] CWE-89 CVE-2024-24101: Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Eligibility Informat Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Eligibility Information Update.

CVE-2024-24092 [HIGH] CWE-89 CVE-2024-24092: SQL Injection vulnerability in Code-projects.org Scholars Tracking System 1.0 allows attackers to ru SQL Injection vulnerability in Code-projects.org Scholars Tracking System 1.0 allows attackers to run arbitrary code via login.php.

CVE-2024-24097 [MEDIUM] CWE-79 CVE-2024-24097: Cross Site Scripting (XSS) vulnerability in Code-projects Scholars Tracking System 1.0 allows attack Cross Site Scripting (XSS) vulnerability in Code-projects Scholars Tracking System 1.0 allows attackers to run arbitrary code via the News Feed.

CVE-2024-24099 [MEDIUM] CWE-89 CVE-2024-24099: Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Employment Status In Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Employment Status Information Update.