VYPR

Best Fee Management System

by Sourcecodester

CVEs (48)

  • CVE-2023-6898MedDec 17, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. Affected is an unknown function of the file manage_user.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and…

  • CVE-2023-5272MedSep 29, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. This affects an unknown part of the file edit_parcel.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The exploit…

  • CVE-2023-5271MedSep 29, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file edit_parcel.php. The manipulation of the argument email leads to sql injection. The exploit has been…

  • CVE-2023-5270MedSep 29, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view_parcel.php. The manipulation of the argument id leads to sql injection. The exploit has…

  • CVE-2023-5269MedSep 29, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been classified as critical. Affected is an unknown function of the file parcel_list.php of the component GET Parameter Handler. The manipulation of the argument id/s leads to sql injection.…

  • CVE-2025-44185MedMay 15, 2025
    risk 0.35cvss 5.4epss 0.00

    SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Request Forgery (CSRF) in /admin/change_pass.php via the password parameter.

  • CVE-2025-44186MedMay 14, 2025
    risk 0.35cvss 5.4epss 0.00

    SourceCodester Best Employee Management System 1.0 is vulnerable to Cross Site Request Forgery (CSRF) in /admin/Operation/User.php page.

  • CVE-2024-40473MedAug 12, 2024
    risk 0.35cvss 5.4epss 0.01

    A Stored Cross Site Scripting (XSS) vulnerability was found in "manage_houses.php" in SourceCodester Best House Rental Management System v1.0. It allows remote attackers to execute arbitrary code via "House_no" and "Description" parameter fields.

  • CVE-2025-44184MedMay 14, 2025
    risk 0.31cvss 4.8epss 0.00

    SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the website_image, fname, lname, contact, username, and address parameters.

  • CVE-2025-1593MedFeb 23, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability classified as critical has been found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /_hr_soft/assets/uploadImage/Profile/ of the component Profile Picture Handler. The manipulation leads to unrestricted upload. It…

  • CVE-2024-11214MedNov 14, 2024
    risk 0.31cvss 4.7epss 0.01

    A vulnerability has been found in SourceCodester Best Employee Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation of the argument website_image leads to unrestricted upload. The attack can be…

  • CVE-2024-11213MedNov 14, 2024
    risk 0.31cvss 4.7epss 0.01

    A vulnerability, which was classified as critical, was found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /admin/edit_role.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack…

  • CVE-2025-1607MedFeb 24, 2025
    risk 0.28cvss 4.3epss 0.01

    A vulnerability, which was classified as problematic, has been found in SourceCodester Best Employee Management System 1.0. This issue affects some unknown processing of the file /admin/salary_slip.php. The manipulation of the argument id leads to authorization bypass. The…

  • CVE-2025-1606MedFeb 24, 2025
    risk 0.28cvss 4.3epss 0.01

    A vulnerability classified as problematic was found in SourceCodester Best Employee Management System 1.0. This vulnerability affects unknown code of the file /admin/backup/backups.php. The manipulation leads to information disclosure. The attack can be initiated remotely. The…

  • CVE-2024-12357MedDec 9, 2024
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument page leads to file inclusion. The attack may be…

  • CVE-2024-11743MedNov 26, 2024
    risk 0.28cvss 4.3epss 0.00

    A vulnerability, which was classified as problematic, was found in SourceCodester Best House Rental Management System 1.0. Affected is an unknown function of the file /rental/ajax.php?action=delete_user of the component POST Request Handler. The manipulation leads to cross-site…

  • CVE-2024-4945MedMay 16, 2024
    risk 0.28cvss 4.3epss 0.01

    A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file view_parcel.php. The manipulation of the argument id leads to unrestricted upload. It is possible to launch the…

  • CVE-2024-11742LowNov 26, 2024
    risk 0.23cvss 3.5epss 0.01

    A vulnerability, which was classified as problematic, has been found in SourceCodester Best House Rental Management System 1.0. This issue affects some unknown processing of the file /rental/ajax.php?action=save_tenant. The manipulation of the argument…

  • CVE-2024-10348LowOct 24, 2024
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was found in SourceCodester Best House Rental Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?page=tenants of the component Manage Tenant Details. The manipulation of the argument Last Name/First…

  • CVE-2024-9033LowSep 20, 2024
    risk 0.23cvss 3.5epss 0.00

    A vulnerability has been found in SourceCodester Best House Rental Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=save_category. The manipulation of the argument name leads to cross…