
CodeAstro — Vulnerabilities & Security Advisories 125

Browse all 125 CVE security advisories affecting CodeAstro. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CodeAstro operates as a software development and IT services provider, primarily focusing on custom application development and digital transformation solutions for enterprise clients. Security audits have identified a significant volume of vulnerabilities within its ecosystem, with 122 CVEs currently on record. These flaws predominantly involve remote code execution and cross-site scripting, indicating persistent weaknesses in input validation and session management across various deployed modules. Additionally, several instances of privilege escalation have been documented, suggesting inadequate access control mechanisms in legacy systems. While no single catastrophic breach has been publicly attributed solely to CodeAstro, the high frequency of critical severity ratings highlights systemic issues in their secure development lifecycle. Recent patches have addressed some remote execution vectors, yet the sheer number of outstanding issues necessitates rigorous third-party security assessments to mitigate ongoing risks for dependent organizations.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-3998 | CodeAstro Membership Management System renew.php sql injection — Membership Management System CWE-89 | 7.3 | High | 2025-04-28 |
| CVE-2025-3205 | CodeAstro Student Grading System studentsubject.php sql injection — Student Grading System CWE-89 | 6.3 | Medium | 2025-04-04 |
| CVE-2025-3204 | CodeAstro Car Rental System returncar.php sql injection — Car Rental System CWE-89 | 6.3 | Medium | 2025-04-04 |
| CVE-2024-13070 | CodeAstro Online Food Ordering System Update User Page update_users.php sql injection — Online Food Ordering System CWE-89 | 6.3 | Medium | 2024-12-31 |
| CVE-2024-13067 | CodeAstro Online Food Ordering System All Users Page all_users.php access control — Online Food Ordering System CWE-284 | 5.3 | Medium | 2024-12-31 |
| CVE-2024-13038 | CodeAstro Simple Loan Management System Login index.php sql injection — Simple Loan Management System CWE-89 | 7.3 | High | 2024-12-30 |
| CVE-2024-12981 | CodeAstro Car Rental System bookingconfirm.php sql injection — Car Rental System CWE-89 | 6.3 | Medium | 2024-12-27 |
| CVE-2024-12944 | CodeAstro House Rental Management System signin.php sql injection — House Rental Management System CWE-89 | 7.3 | High | 2024-12-26 |
| CVE-2024-12943 | CodeAstro House Rental Management System ownersignup.php sql injection — House Rental Management System CWE-89 | 7.3 | High | 2024-12-26 |
| CVE-2024-12941 | CodeAstro Blood Donor Management System deletedannounce.php sql injection — Blood Donor Management System CWE-89 | 6.3 | Medium | 2024-12-26 |
| CVE-2024-11678 | CodeAstro Hospital Management System his_doc_register_patient.php cross site scripting — Hospital Management System CWE-79 | 3.5 | Low | 2024-11-26 |
| CVE-2024-11677 | CodeAstro Hospital Management System Add Vendor Details Page his_admin_add_vendor.php cross site scripting — Hospital Management System CWE-79 | 3.5 | Low | 2024-11-26 |
| CVE-2024-11676 | CodeAstro Hospital Management System Add Laboratory Equipment Page his_admin_add_lab_equipment.php cross site scripting — Hospital Management System CWE-79 | 3.5 | Low | 2024-11-26 |
| CVE-2024-11675 | CodeAstro Hospital Management System Add Patient Details Page his_admin_register_patient.php cross site scripting — Hospital Management System CWE-79 | 3.5 | Low | 2024-11-26 |
| CVE-2024-11674 | CodeAstro Hospital Management System his_doc_update-account.php unrestricted upload — Hospital Management System CWE-434 | 6.3 | Medium | 2024-11-25 |
| CVE-2024-11058 | CodeAstro Real Estate Management System About Us Page aboutedit.php sql injection — Real Estate Management System CWE-89 | 4.7 | Medium | 2024-11-10 |
| CVE-2024-11000 | CodeAstro Real Estate Management System About Us Page aboutedit.php unrestricted upload — Real Estate Management System CWE-434 | 4.7 | Medium | 2024-11-08 |
| CVE-2024-10999 | CodeAstro Real Estate Management System About Us Page aboutadd.php unrestricted upload — Real Estate Management System CWE-434 | 4.7 | Medium | 2024-11-08 |
| CVE-2024-7912 | CodeAstro Online Railway Reservation System assets exposure of information through directory listing — Online Railway Reservation System CWE-548 | 5.3 | Medium | 2024-08-18 |
| CVE-2024-7910 | CodeAstro Online Railway Reservation System Profile Photo Update emp-profile-avatar.php unrestricted upload — Online Railway Reservation System CWE-434 | 4.7 | Medium | 2024-08-18 |
| CVE-2024-7815 | CodeAstro Online Railway Reservation System Update Employee Page admin-update-employee.php cross site scripting — Online Railway Reservation System CWE-79 | 2.4 | Low | 2024-08-15 |
| CVE-2024-7814 | CodeAstro Online Railway Reservation System Add Employee Page admin-add-employee.php cross site scripting — Online Railway Reservation System CWE-79 | 2.4 | Low | 2024-08-15 |
| CVE-2024-2351 | CodeAstro Ecommerce Site Search action.php sql injection — Ecommerce Site CWE-89 | 6.3 | Medium | 2024-03-09 |
| CVE-2024-2333 | CodeAstro Membership Management System add_members.php sql injection — Membership Management System CWE-89 | 6.3 | Medium | 2024-03-09 |
| CVE-2024-2149 | CodeAstro Membership Management System settings.php sql injection — Membership Management System CWE-89 | 4.7 | Medium | 2024-03-03 |
| CVE-2024-2076 | CodeAstro House Rental Management System tenant.php missing authentication — House Rental Management System CWE-306 | 5.3 | Medium | 2024-03-01 |
| CVE-2024-1924 | CodeAstro Membership Management System get_membership_amount.php sql injection — Membership Management System CWE-89 | 6.3 | Medium | 2024-02-27 |
| CVE-2024-1825 | CodeAstro House Rental Management System User Registration Page cross site scripting — House Rental Management System CWE-79 | 4.3 | Medium | 2024-02-23 |
| CVE-2024-1824 | CodeAstro House Rental Management System signing.php sql injection — House Rental Management System CWE-89 | 7.3 | High | 2024-02-23 |
| CVE-2024-1823 | CodeAstro Simple Voting System Backend users.php access control — Simple Voting System CWE-284 | 5.3 | Medium | 2024-02-23 |

This page lists every published CVE security advisory associated with CodeAstro. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.