Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

wecodex

Source -

NVD

BOS Name -

N/A

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

5
Related CVEsRelated ProductsRelated AssignersReports
5Vulnerabilities found
CVE-2018-25204
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.49% / 65.53%
||
7 Day CHG+0.06%
Published-26 Mar, 2026 | 11:39
Updated-31 Mar, 2026 | 01:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Library CMS 1.0 SQL Injection via admin login

Library CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can send POST requests to the admin login endpoint with boolean-based blind SQL injection payloads in the username field to manipulate database queries and gain unauthorized access.

Action-Not Available
Vendor-wecodexWecodex
Product-library_cmsLibrary CMS
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2018-25201
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-7.1||HIGH
EPSS-0.05% / 14.36%
||
7 Day CHG~0.00%
Published-26 Mar, 2026 | 11:39
Updated-27 Mar, 2026 | 20:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
School Management System CMS 1.0 Admin Login SQL Injection

School Management System CMS 1.0 contains an SQL injection vulnerability in the admin login functionality that allows attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can submit malicious payloads using boolean-based blind SQL injection techniques to the processlogin endpoint to authenticate as administrator without valid credentials.

Action-Not Available
Vendor-wecodexWecodex Solutions
Product-school_management_system_cmsSchool Management System CMS
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2018-25195
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.49% / 65.53%
||
7 Day CHG+0.06%
Published-26 Mar, 2026 | 11:39
Updated-28 Mar, 2026 | 02:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wecodex Hotel CMS 1.0 SQL Injection via Admin Login

Wecodex Hotel CMS 1.0 contains an SQL injection vulnerability in the admin login functionality that allows unauthenticated attackers to bypass authentication by injecting SQL code. Attackers can submit malicious SQL payloads through the username parameter in POST requests to index.php with action=processlogin to extract sensitive database information or gain unauthorized administrative access.

Action-Not Available
Vendor-wecodexWecodex
Product-hotel_cmsWecodex Hotel CMS
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2018-25185
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.04% / 10.99%
||
7 Day CHG~0.00%
Published-26 Mar, 2026 | 11:39
Updated-27 Mar, 2026 | 21:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wecodex Restaurant CMS 1.0 SQL Injection via Login

Wecodex Restaurant CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the username parameter. Attackers can send POST requests to the login endpoint with malicious SQL payloads using boolean-based blind or time-based blind techniques to extract sensitive database information.

Action-Not Available
Vendor-wecodexWecodex
Product-restaurant_cmsWecodex Restaurant CMS
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2018-25183
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.49% / 65.53%
||
7 Day CHG+0.06%
Published-26 Mar, 2026 | 11:39
Updated-27 Mar, 2026 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Shipping System CMS 1.0 SQL Injection via admin login

Shipping System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can submit malicious SQL payloads using boolean-based blind techniques in POST requests to the admin login endpoint to authenticate without valid credentials.

Action-Not Available
Vendor-wecodexWecodex
Product-shipping_system_cmsShipping System CMS
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')