code-projects — Vulnerabilities & Security Advisories 1240

Browse all 1240 CVE security advisories affecting code-projects. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Code-projects is a software development platform primarily serving as a repository for user-generated code snippets, tutorials, and project files. Historically, the platform has been associated with a significant volume of security vulnerabilities, currently totaling 1238 CVEs. These flaws predominantly involve remote code execution, cross-site scripting, and privilege escalation issues, often stemming from insecure handling of uploaded files or inadequate input validation within user-submitted scripts. The high number of recorded vulnerabilities suggests systemic weaknesses in the platform’s code review and deployment processes, allowing malicious actors to exploit exposed endpoints. While specific major incidents are rarely publicized as widespread breaches, the sheer quantity of CVEs indicates a persistent risk for users downloading and executing unverified code from the site. This environment necessitates rigorous sandboxing and verification practices for any developer interacting with the platform’s resources.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-12335	code-projects E-Commerce Website supplier_update.php cross site scripting — E-Commerce WebsiteCWE-79	4.3	Medium	2025-10-27
CVE-2025-12334	code-projects E-Commerce Website product_add.php cross site scripting — E-Commerce WebsiteCWE-79	4.3	Medium	2025-10-27
CVE-2025-12333	code-projects E-Commerce Website supplier_add.php cross site scripting — E-Commerce WebsiteCWE-79	4.3	Medium	2025-10-27
CVE-2025-11597	code-projects E-Commerce Website product_add_qty.php sql injection — E-Commerce WebsiteCWE-89	6.3	Medium	2025-10-11
CVE-2025-11596	code-projects E-Commerce Website delete_order_details.php sql injection — E-Commerce WebsiteCWE-89	7.3	High	2025-10-11
CVE-2025-11558	code-projects E-Commerce Website user_index_search.php sql injection — E-Commerce WebsiteCWE-89	7.3	High	2025-10-09
CVE-2025-11513	code-projects E-Commerce Website supplier_update.php sql injection — E-Commerce WebsiteCWE-89	7.3	High	2025-10-08
CVE-2025-11511	code-projects E-Commerce Website supplier_add.php sql injection — E-Commerce WebsiteCWE-89	6.3	Medium	2025-10-08
CVE-2025-11509	code-projects E-Commerce Website product_add.php sql injection — E-Commerce WebsiteCWE-89	6.3	Medium	2025-10-08
CVE-2025-11420	code-projects E-Commerce Website edit_order_details.php sql injection — E-Commerce WebsiteCWE-89	7.3	High	2025-10-08
CVE-2025-11094	code-projects E-Commerce Website admin_product_details.php sql injection — E-Commerce WebsiteCWE-89	7.3	High	2025-09-28
CVE-2025-11037	code-projects E-Commerce Website admin_index_search.php sql injection — E-Commerce WebsiteCWE-89	7.3	High	2025-09-26
CVE-2025-11036	code-projects E-Commerce Website admin_account_update.php sql injection — E-Commerce WebsiteCWE-89	7.3	High	2025-09-26
CVE-2025-10793	code-projects E-Commerce Website admin_account_delete.php sql injection — E-Commerce WebsiteCWE-89	7.3	High	2025-09-22
CVE-2023-7108	code-projects E-Commerce Website user_signup.php cross site scripting — E-Commerce WebsiteCWE-79	4.3	Medium	2023-12-26
CVE-2023-7107	code-projects E-Commerce Website user_signup.php sql injection — E-Commerce WebsiteCWE-89	7.3	High	2023-12-25
CVE-2023-7106	code-projects E-Commerce Website sql injection — E-Commerce WebsiteCWE-89	6.3	Medium	2023-12-25
CVE-2023-7105	code-projects E-Commerce Website index_search.php sql injection — E-Commerce WebsiteCWE-89	4.7	Medium	2023-12-25

This page lists every published CVE security advisory associated with code-projects. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

code-projects — Vulnerabilities & Security Advisories 1240