CodeAstro — Vulnerabilities & Security Advisories 125

Browse all 125 CVE security advisories affecting CodeAstro. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CodeAstro operates as a software development and IT services provider, primarily focusing on custom application development and digital transformation solutions for enterprise clients. Security audits have identified a significant volume of vulnerabilities within its ecosystem, with 122 CVEs currently on record. These flaws predominantly involve remote code execution and cross-site scripting, indicating persistent weaknesses in input validation and session management across various deployed modules. Additionally, several instances of privilege escalation have been documented, suggesting inadequate access control mechanisms in legacy systems. While no single catastrophic breach has been publicly attributed solely to CodeAstro, the high frequency of critical severity ratings highlights systemic issues in their secure development lifecycle. Recent patches have addressed some remote execution vectors, yet the sheer number of outstanding issues necessitates rigorous third-party security assessments to mitigate ongoing risks for dependent organizations.

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2025-11592 | CodeAstro Gym Management System edit-equipmentform.php sql injection — Gym Management System | CWE-89 | 6.3 | Medium | 2025-10-11 |
| CVE-2025-11591 | CodeAstro Gym Management System delete-member.php sql injection — Gym Management System | CWE-89 | 6.3 | Medium | 2025-10-11 |
| CVE-2025-11590 | CodeAstro Gym Management System equipment-entry.php sql injection — Gym Management System | CWE-89 | 6.3 | Medium | 2025-10-11 |
| CVE-2025-11589 | CodeAstro Gym Management System user-payment.php sql injection — Gym Management System | CWE-89 | 6.3 | Medium | 2025-10-10 |
| CVE-2025-11588 | CodeAstro Gym Management System index.php sql injection — Gym Management System | CWE-89 | 6.3 | Medium | 2025-10-10 |
| CVE-2025-11118 | CodeAstro Student Grading System adminLogin.php sql injection — Student Grading System | CWE-89 | 7.3 | High | 2025-09-28 |
| CVE-2025-11114 | CodeAstro Online Leave Application leaveAplicationForm.php sql injection — Online Leave Application | CWE-89 | 6.3 | Medium | 2025-09-28 |
| CVE-2025-11113 | CodeAstro Online Leave Application signup.php sql injection — Online Leave Application | CWE-89 | 6.3 | Medium | 2025-09-28 |
| CVE-2025-11104 | CodeAstro Electricity Billing System bill.php sql injection — Electricity Billing System | CWE-89 | 6.3 | Medium | 2025-09-28 |
| CVE-2025-10780 | CodeAstro Simple Pharmacy Management view.php sql injection — Simple Pharmacy Management | CWE-89 | 6.3 | Medium | 2025-09-22 |
| CVE-2025-9942 | CodeAstro Real Estate Management System submitproperty.php unrestricted upload — Real Estate Management System | CWE-434 | 6.3 | Medium | 2025-09-04 |
| CVE-2025-9941 | CodeAstro Real Estate Management System register.php unrestricted upload — Real Estate Management System | CWE-434 | 6.3 | Medium | 2025-09-04 |
| CVE-2025-9940 | CodeAstro Real Estate Management System feature.php cross site scripting — Real Estate Management System | CWE-79 | 3.5 | Low | 2025-09-04 |
| CVE-2025-9939 | CodeAstro Real Estate Management System propertyview.php cross site scripting — Real Estate Management System | CWE-79 | 3.5 | Low | 2025-09-04 |
| CVE-2025-9237 | CodeAstro Ecommerce Website Edit Your Account my_account.php cross site scripting — Ecommerce Website | CWE-79 | 3.5 | Low | 2025-08-20 |
| CVE-2025-7153 | CodeAstro Simple Hospital Management System POST Parameter doctor.html cross site scripting — Simple Hospital Management System | CWE-79 | 3.5 | Low | 2025-07-08 |
| CVE-2025-7148 | CodeAstro Simple Hospital Management System POST Parameter patient.html cross site scripting — Simple Hospital Management System | CWE-79 | 3.5 | Low | 2025-07-07 |
| CVE-2025-7147 | CodeAstro Patient Record Management System login.php sql injection — Patient Record Management System | CWE-89 | 7.3 | High | 2025-07-07 |
| CVE-2025-7133 | CodeAstro Online Movie Ticket Booking System cross-site request forgery — Online Movie Ticket Booking System | CWE-352 | 4.3 | Medium | 2025-07-07 |
| CVE-2025-6664 | CodeAstro Patient Record Management System cross-site request forgery — Patient Record Management System | CWE-352 | 4.3 | Medium | 2025-06-25 |
| CVE-2025-6478 | CodeAstro Expense Management System cross-site request forgery — Expense Management System | CWE-352 | 4.3 | Medium | 2025-06-22 |
| CVE-2025-6452 | CodeAstro Patient Record Management System Generate New Report Page cross site scripting — Patient Record Management System | CWE-79 | 2.4 | Low | 2025-06-22 |
| CVE-2025-6131 | CodeAstro Food Ordering System POST Request Parameter edit cross site scripting — Food Ordering System | CWE-79 | 2.4 | Low | 2025-06-16 |
| CVE-2025-5611 | CodeAstro Real Estate Management System submitpropertyupdate.php sql injection — Real Estate Management System | CWE-89 | 6.3 | Medium | 2025-06-04 |
| CVE-2025-5610 | CodeAstro Real Estate Management System submitpropertydelete.php sql injection — Real Estate Management System | CWE-89 | 6.3 | Medium | 2025-06-04 |
| CVE-2025-5583 | CodeAstro Real Estate Management System register.php sql injection — Real Estate Management System | CWE-89 | 7.3 | High | 2025-06-04 |
| CVE-2025-5582 | CodeAstro Real Estate Management System profile.php sql injection — Real Estate Management System | CWE-89 | 6.3 | Medium | 2025-06-04 |
| CVE-2025-5581 | CodeAstro Real Estate Management System index.php sql injection — Real Estate Management System | CWE-89 | 7.3 | High | 2025-06-04 |
| CVE-2025-5580 | CodeAstro Real Estate Management System login.php sql injection — Real Estate Management System | CWE-89 | 7.3 | High | 2025-06-04 |
| CVE-2025-4811 | CodeAstro Pharmacy Management System Login index.php sql injection — Pharmacy Management System | CWE-89 | 7.3 | High | 2025-05-16 |

This page lists every published CVE security advisory associated with CodeAstro. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.