VYPR

Product Expiry Management System

by Sourcecodester

CVEs (2)

  • CVE-2024-1269LowFeb 7, 2024
    risk 0.16cvss 2.4epss 0.01

    A vulnerability has been found in SourceCodester Product Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /supplier.php. The manipulation of the argument supplier_name/supplier_contact leads to cross site scripting. The…

  • CVE-2025-63712Nov 10, 2025
    risk 0.00cvss epss 0.00

    Cross-Site Request Forgery (CSRF) in SourceCodester Product Expiry Management System. The User Management module (delete-user.php) allows remote attackers to delete arbitrary user accounts via forged cross-origin GET requests because the endpoint relies solely on session cookies…