These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
A SQL injection vulnerability was detected in CodeAstro Student Attendance Management System 1.0. The vulnerability is located in the /attendance-php/Admin/createStudents.php file, where an unknown function is impacted. By manipulating the admissionNumber argument, an attacker can inject malicious SQL code. Remote exploitation of this vulnerability is possible. The exploit is now public and may be used.
A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Affected by this issue is some unknown functionality of the file /dashboard/add_tod of the component Dashboard Interface. The manipulation of the argument todo_data leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly available and might be used.
A SQL injection vulnerability was discovered in CodeAstro Student Attendance Management System 1.0. The vulnerability affects an unknown function of the file `/attendance-php/Admin/createClassArms.php`. The manipulation of the `classId` argument causes SQL injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.
A SQL injection vulnerability was found in CodeAstro Student Attendance Management System 1.0. The vulnerability affects an unknown function of the file /attendance-php/Admin/createClass.php?action=edit. The manipulation of the argument ID results in SQL injection. The attack can be launched remotely. The exploit has been made public and could be used.
A SQL injection vulnerability has been identified in CodeAstro Student Attendance Management System 1.0. The vulnerability affects an unknown function of the file `/attendance-php/Admin/createClass.php`. The manipulation of the argument `className` leads to SQL injection. This vulnerability can be exploited remotely.
A SQL injection vulnerability has been discovered in CodeAstro Student Attendance Management System 1.0. The vulnerability exists in an unknown function of the file /attendance-php/index.php and can be exploited by manipulating the Username argument. The attack can be performed remotely and has been publicly disclosed.
A SQL injection vulnerability was detected in CodeAstro Payroll System 1.0. The vulnerability affects an unknown function of the file /view_account.php. The manipulation of the argument ID results in SQL injection. The attack may be performed remotely. The exploit is now public and may be used.
A SQL injection vulnerability has been detected in CodeAstro Payroll System 1.0. The impacted element is an unknown function of the file /home_salary.php. The manipulation of the argument rate/salary_rate leads to SQL injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.
A SQL injection vulnerability has been discovered in CodeAstro Leave Management System 1.0. The vulnerability affects an unknown part of the file /admin/add_leave.php. Performing a manipulation of the argument type_of_leave results in SQL injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks.
A SQL injection vulnerability was discovered in CodeAstro Leave Management System 1.0. The vulnerability affects an unknown functionality of the file /admin/search_staff_to_assign_pc.php. This manipulation of the argument Name causes SQL injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
A SQL injection vulnerability was found in CodeAstro Leave Management System 1.0. The vulnerability affects an unknown function of the file /admin/delete_leave_type.php. The manipulation of the argument leave_type results in SQL injection. The attack can be executed remotely. The exploit has been made public and could be used.
A SQL injection vulnerability has been discovered in CodeAstro Leave Management System 1.0. The vulnerability affects an unknown function of the file /admin/search_staff_for_deletion.php, where the manipulation of the argument Name leads to SQL injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
A SQL injection vulnerability was detected in CodeAstro Ingredients Stock Management System 1.0. The vulnerability impacts an unknown function of the file /Ingredients-Stock/add_stock.php. The manipulation of the argument ID results in SQL injection. The attack may be launched remotely. The exploit is now public and may be used.
A SQL injection vulnerability exists in CodeAstro Online Job Portal 1.0, specifically within the /admin/jobs-admins/delete-jobs.php endpoint. The vulnerability stems from improper sanitization of the 'ID' parameter, allowing remote attackers to manipulate SQL queries. The CVSS 4.0 vector indicates network attack vector with low attack complexity, no required privileges, and low impacts across confidential [truncated]
A SQL injection vulnerability exists in CodeAstro Ingredients Stock Management System 1.0, specifically in the /Ingredients-Stock/stock_manager.php file via the txt_search_category parameter. The vulnerability allows remote attackers to manipulate SQL queries. The CVSS 4.0 base score is 2.1 (LOW severity), with an exploit published and available. The vendor is currently identified as unknown with low conf [truncated]
CVE-2026-8231 describes a SQL injection issue affecting CodeAstro Online Catering Ordering System 1.0, specifically an unknown function in /deleteorder.php where the ID parameter can be manipulated. The source record says the attack can be carried out remotely and that the exploit has been publicly disclosed. Although the CVSS score is low, exposed deployments should still be reviewed quickly because the [truncated]