Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    4 vulnerabilities found for Internship Management System by code-projects

    CVE-2026-14701 (GCVE-0-2026-14701)

    Vulnerability from nvd – Published: 2026-07-05 03:45 – Updated: 2026-07-05 03:45 X_Freeware
    VLAI
    Title
    code-projects Internship Management System Password Change Endpoint change_password.php sql injection
    Summary
    A vulnerability was detected in code-projects Internship Management System 1.0. This affects an unknown function of the file employer/details/change_password.php of the component Password Change Endpoint. The manipulation of the argument Current results in sql injection. The attack can be executed remotely. The exploit is now public and may be used.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    code-projects Internship Management System Affected: 1.0
        cpe:2.3:a:code-projects:internship_management_system:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    SSL_Seven_Security_Lab_WangZhiQiang_ZhanXiuChen (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:code-projects:internship_management_system:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "Password Change Endpoint"
              ],
              "product": "Internship Management System",
              "vendor": "code-projects",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "SSL_Seven_Security_Lab_WangZhiQiang_ZhanXiuChen (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was detected in code-projects Internship Management System 1.0. This affects an unknown function of the file employer/details/change_password.php of the component Password Change Endpoint. The manipulation of the argument Current results in sql injection. The attack can be executed remotely. The exploit is now public and may be used."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-05T03:45:08.160Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-376297 | code-projects Internship Management System Password Change Endpoint change_password.php sql injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/376297"
            },
            {
              "name": "VDB-376297 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/376297/cti"
            },
            {
              "name": "CVE-2026-14701 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-14701"
            },
            {
              "name": "Submit #846890 | Internship Portal file `employer/details/change_password.php` contains a Time-Based Blind SQL Injection vulnerability v1.0 SQL Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/846890"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/zzzxc643/CVE1/blob/main/assessment/vul8.md"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://code-projects.org/"
            }
          ],
          "tags": [
            "x_freeware"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-04T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-07-04T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-07-04T07:29:44.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "code-projects Internship Management System Password Change Endpoint change_password.php sql injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-14701",
        "datePublished": "2026-07-05T03:45:08.160Z",
        "dateReserved": "2026-07-04T05:24:37.642Z",
        "dateUpdated": "2026-07-05T03:45:08.160Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-14700 (GCVE-0-2026-14700)

    Vulnerability from nvd – Published: 2026-07-05 03:30 – Updated: 2026-07-05 03:30 X_Freeware
    VLAI
    Title
    code-projects Internship Management System Employer Login Endpoint login.php sql injection
    Summary
    A security vulnerability has been detected in code-projects Internship Management System 1.0. The impacted element is an unknown function of the file employer/login.php of the component Employer Login Endpoint. The manipulation of the argument email/password leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    code-projects Internship Management System Affected: 1.0
        cpe:2.3:a:code-projects:internship_management_system:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    SSL_Seven_Security_Lab_WangZhiQiang_ZhanXiuChen (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:code-projects:internship_management_system:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "Employer Login Endpoint"
              ],
              "product": "Internship Management System",
              "vendor": "code-projects",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "SSL_Seven_Security_Lab_WangZhiQiang_ZhanXiuChen (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A security vulnerability has been detected in code-projects Internship Management System 1.0. The impacted element is an unknown function of the file employer/login.php of the component Employer Login Endpoint. The manipulation of the argument email/password leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-05T03:30:09.324Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-376296 | code-projects Internship Management System Employer Login Endpoint login.php sql injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/376296"
            },
            {
              "name": "VDB-376296 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/376296/cti"
            },
            {
              "name": "CVE-2026-14700 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-14700"
            },
            {
              "name": "Submit #846889 | Internship Portal file `employer/login.php` contains a Time-Based Blind SQL Injection vulnerability v1.0 SQL Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/846889"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/zzzxc643/CVE1/blob/main/assessment/vul7.md"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://code-projects.org/"
            }
          ],
          "tags": [
            "x_freeware"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-04T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-07-04T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-07-04T07:29:42.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "code-projects Internship Management System Employer Login Endpoint login.php sql injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-14700",
        "datePublished": "2026-07-05T03:30:09.324Z",
        "dateReserved": "2026-07-04T05:24:35.276Z",
        "dateUpdated": "2026-07-05T03:30:09.324Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-14701 (GCVE-0-2026-14701)

    Vulnerability from cvelistv5 – Published: 2026-07-05 03:45 – Updated: 2026-07-05 03:45 X_Freeware
    VLAI
    Title
    code-projects Internship Management System Password Change Endpoint change_password.php sql injection
    Summary
    A vulnerability was detected in code-projects Internship Management System 1.0. This affects an unknown function of the file employer/details/change_password.php of the component Password Change Endpoint. The manipulation of the argument Current results in sql injection. The attack can be executed remotely. The exploit is now public and may be used.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    code-projects Internship Management System Affected: 1.0
        cpe:2.3:a:code-projects:internship_management_system:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    SSL_Seven_Security_Lab_WangZhiQiang_ZhanXiuChen (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:code-projects:internship_management_system:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "Password Change Endpoint"
              ],
              "product": "Internship Management System",
              "vendor": "code-projects",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "SSL_Seven_Security_Lab_WangZhiQiang_ZhanXiuChen (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was detected in code-projects Internship Management System 1.0. This affects an unknown function of the file employer/details/change_password.php of the component Password Change Endpoint. The manipulation of the argument Current results in sql injection. The attack can be executed remotely. The exploit is now public and may be used."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-05T03:45:08.160Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-376297 | code-projects Internship Management System Password Change Endpoint change_password.php sql injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/376297"
            },
            {
              "name": "VDB-376297 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/376297/cti"
            },
            {
              "name": "CVE-2026-14701 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-14701"
            },
            {
              "name": "Submit #846890 | Internship Portal file `employer/details/change_password.php` contains a Time-Based Blind SQL Injection vulnerability v1.0 SQL Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/846890"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/zzzxc643/CVE1/blob/main/assessment/vul8.md"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://code-projects.org/"
            }
          ],
          "tags": [
            "x_freeware"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-04T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-07-04T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-07-04T07:29:44.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "code-projects Internship Management System Password Change Endpoint change_password.php sql injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-14701",
        "datePublished": "2026-07-05T03:45:08.160Z",
        "dateReserved": "2026-07-04T05:24:37.642Z",
        "dateUpdated": "2026-07-05T03:45:08.160Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-14700 (GCVE-0-2026-14700)

    Vulnerability from cvelistv5 – Published: 2026-07-05 03:30 – Updated: 2026-07-05 03:30 X_Freeware
    VLAI
    Title
    code-projects Internship Management System Employer Login Endpoint login.php sql injection
    Summary
    A security vulnerability has been detected in code-projects Internship Management System 1.0. The impacted element is an unknown function of the file employer/login.php of the component Employer Login Endpoint. The manipulation of the argument email/password leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    code-projects Internship Management System Affected: 1.0
        cpe:2.3:a:code-projects:internship_management_system:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    SSL_Seven_Security_Lab_WangZhiQiang_ZhanXiuChen (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:code-projects:internship_management_system:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "Employer Login Endpoint"
              ],
              "product": "Internship Management System",
              "vendor": "code-projects",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "SSL_Seven_Security_Lab_WangZhiQiang_ZhanXiuChen (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A security vulnerability has been detected in code-projects Internship Management System 1.0. The impacted element is an unknown function of the file employer/login.php of the component Employer Login Endpoint. The manipulation of the argument email/password leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-05T03:30:09.324Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-376296 | code-projects Internship Management System Employer Login Endpoint login.php sql injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/376296"
            },
            {
              "name": "VDB-376296 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/376296/cti"
            },
            {
              "name": "CVE-2026-14700 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-14700"
            },
            {
              "name": "Submit #846889 | Internship Portal file `employer/login.php` contains a Time-Based Blind SQL Injection vulnerability v1.0 SQL Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/846889"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/zzzxc643/CVE1/blob/main/assessment/vul7.md"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://code-projects.org/"
            }
          ],
          "tags": [
            "x_freeware"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-04T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-07-04T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-07-04T07:29:42.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "code-projects Internship Management System Employer Login Endpoint login.php sql injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-14700",
        "datePublished": "2026-07-05T03:30:09.324Z",
        "dateReserved": "2026-07-04T05:24:35.276Z",
        "dateUpdated": "2026-07-05T03:30:09.324Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }