VYPR

Pet Management System

by Sourcecodester

CVEs (230)

  • CVE-2024-40110CriJul 12, 2024
    risk 0.64cvss 9.8epss 0.02

    Sourcecodester Poultry Farm Management System v1.0 contains an Unauthenticated Remote Code Execution (RCE) vulnerability via the productimage parameter at /farm/product.php.

  • CVE-2024-34833CriJun 17, 2024
    risk 0.64cvss 9.8epss 0.02

    Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload images via the "save_settings" page. An unauthenticated attacker can leverage this functionality to upload a malicious PHP file instead. Successful exploitation of this vulnerability…

  • CVE-2024-36779CriJun 6, 2024
    risk 0.64cvss 9.8epss 0.01

    Sourcecodester Stock Management System v1.0 is vulnerable to SQL Injection via editCategories.php.

  • CVE-2024-36568CriJun 3, 2024
    risk 0.64cvss 9.8epss 0.01

    Sourcecodester Gas Agency Management System v1.0 is vulnerable to SQL Injection via /gasmark/editbrand.php?id=.

  • CVE-2024-34919CriMay 17, 2024
    risk 0.64cvss 9.8epss 0.01

    An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted file.

  • CVE-2024-28557CriApr 15, 2024
    risk 0.64cvss 9.8epss 0.01

    SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to update-admin.php.

  • CVE-2024-28556CriApr 15, 2024
    risk 0.64cvss 9.8epss 0.01

    SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to admin-manage-user.php.

  • CVE-2024-31678CriApr 11, 2024
    risk 0.64cvss 9.8epss 0.01

    Sourcecodester Loan Management System v1.0 is vulnerable to SQL Injection via the "password" parameter in the "login.php" file.

  • CVE-2024-29303CriMar 26, 2024
    risk 0.64cvss 9.8epss 0.01

    The delete admin users function of SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection

  • CVE-2024-25239CriMar 21, 2024
    risk 0.64cvss 9.8epss 0.01

    SQL Injection vulnerability in Sourcecodester Employee Management System v1.0 allows attackers to run arbitrary SQL commands via crafted POST request to /emloyee_akpoly/Account/login.php.

  • CVE-2023-30076CriApr 20, 2023
    risk 0.64cvss 9.8epss 0.01

    Sourcecodester Judging Management System v1.0 is vulnerable to SQL Injection via /php-jms/print_judges.php?print_judges.php=&se_name=&sub_event_id=.

  • CVE-2024-34226CriMay 14, 2024
    risk 0.61cvss 9.4epss 0.01

    SQL injection vulnerability in /php-sqlite-vms/?page=manage_visitor&id=1 in SourceCodester Visitor Management System 1.0 allow attackers to execute arbitrary SQL commands via the id parameters.

  • CVE-2024-33294CriMay 6, 2024
    risk 0.59cvss 9.1epss 0.01

    An issue in Library System using PHP/MySQli with Source Code V1.0 allows a remote attacker to execute arbitrary code via the _FAILE variable in the student_edit_photo.php component.

  • CVE-2026-9393HigMay 24, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was found in H3C Magic B0 up to 100R002. This affects the function Edit_BasicSSID_5G of the file /goform/aspForm. Performing a manipulation of the argument param results in buffer overflow. The attack may be initiated remotely. The exploit has been made public…

  • CVE-2024-36569HigJun 3, 2024
    risk 0.53cvss 8.1epss 0.01

    Sourcecodester Gas Agency Management System v1.0 is vulnerable to arbitrary code execution via editClientImage.php.

  • CVE-2022-4855HigDec 30, 2022
    risk 0.50cvss 7.3epss 0.26

    A vulnerability, which was classified as critical, was found in SourceCodester Lead Management System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The…

  • CVE-2024-29302HigMar 26, 2024
    risk 0.49cvss 7.5epss 0.01

    SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection via update-employee.php.

  • CVE-2024-29301HigMar 26, 2024
    risk 0.49cvss 7.5epss 0.01

    SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection via update-admin.php?admin_id=

  • CVE-2025-1160HigFeb 10, 2025
    risk 0.48cvss 7.3epss 0.01

    A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument username/password leads to use of default credentials. The…

  • CVE-2024-5774HigJun 9, 2024
    risk 0.48cvss 7.3epss 0.01

    A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument username/password leads to sql…

Page 1 of 12