VYPR

Vendor CVEs

Itsourcecode

All CVEs

463 total · sorted by risk
  • CVE-2026-3993MedMar 12, 2026
    risk 0.28cvss 4.3epss 0.00

    A security vulnerability has been detected in itsourcecode Payroll Management System 1.0. This vulnerability affects unknown code of the file /manage_employee_deductions.php. Such manipulation of the argument ID leads to cross site scripting. The attack may be launched remotely.…

  • CVE-2026-3812MedMar 9, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was determined in itsourcecode Payroll Management System 1.0. Affected is an unknown function of the file /manage_employee_allowances.php. This manipulation of the argument ID causes cross site scripting. The attack is possible to be carried out remotely. The…

  • CVE-2026-3043MedFeb 24, 2026
    risk 0.28cvss 4.3epss 0.00

    A flaw has been found in itsourcecode Event Management System 1.0. The impacted element is an unknown function of the file /admin/navbar.php. Executing a manipulation of the argument page can lead to cross site scripting. The attack may be performed from remote. The exploit has…

  • CVE-2026-1135MedJan 19, 2026
    risk 0.28cvss 4.3epss 0.00

    A security flaw has been discovered in itsourcecode Society Management System 1.0. This impacts an unknown function of the file /admin/activity.php. The manipulation of the argument Title results in cross site scripting. The attack may be launched remotely. The exploit has been…

  • CVE-2025-67465MedDec 9, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud Simple Link Directory simple-link-directory allows Cross Site Request Forgery.This issue affects Simple Link Directory: from n/a through <= 8.8.3.

  • CVE-2025-11119MedSep 28, 2025
    risk 0.28cvss 4.3epss 0.00

    A security flaw has been discovered in itsourcecode Hostel Management System 1.0. Impacted is an unknown function of the file /justines/index.php of the component POST Request Handler. Performing manipulation of the argument from results in cross site scripting. It is possible…

  • CVE-2025-9595MedAug 29, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was found in code-projects Student Information Management System 1.0. The impacted element is an unknown function of the file /login.php. The manipulation of the argument uname results in cross site scripting. The attack may be performed from a remote location.…

  • CVE-2025-7182MedJul 8, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability has been found in itsourcecode Student Transcript Processing System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/modules/subject/edit.php. The manipulation of the argument pre leads to cross site…

  • CVE-2026-26365MedFeb 23, 2026
    risk 0.26cvss 4.0epss 0.00

    Akamai Ghost on Akamai CDN edge servers before 2026-02-06 mishandles processing of custom hop-by-hop HTTP headers, where an incoming request containing the header "Connection: Transfer-Encoding" could result in a forward request with invalid message framing, depending on the…

  • CVE-2025-11433LowOct 8, 2025
    risk 0.23cvss 3.5epss 0.00

    A security flaw has been discovered in itsourcecode Leave Management System 1.0. This impacts the function redirect of the file /module/employee/controller.php?action=reset of the component Query Parameter Handler. Performing a manipulation of the argument ID results in cross…

  • CVE-2026-2939LowFeb 22, 2026
    risk 0.16cvss 2.4epss 0.00

    A vulnerability was found in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /add_student/ of the component Add Student Module. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The…

  • CVE-2020-23835Sep 1, 2020
    risk 0.03cvss epss 0.02

    A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php login-portal webpage of SourceCodester Tailor Management System v1.0 allows remote attackers to harvest keys pressed by an unauthenticated victim who clicks on a malicious URL and begins typing.

  • CVE-2026-27502Feb 20, 2026
    risk 0.00cvss epss 0.00

    SVXportal version 2.5 and prior contain a reflected cross-site scripting vulnerability in log.php via the search query parameter. The application embeds the unsanitized parameter value directly into an HTML input value attribute, allowing an unauthenticated remote attacker to…

  • CVE-2026-24679Feb 9, 2026
    risk 0.00cvss epss 0.00

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusb_udev_select_interface. This vulnerability is fixed in 3.22.0.

  • CVE-2025-43706Jan 5, 2026
    risk 0.00cvss epss 0.00

    An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2400, 1580, 9110, W920, W930, Modem 5123, and Modem 5400. Incorrect handling of RRC packets leads to a Denial of Service.

  • CVE-2023-54069Dec 24, 2025
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow When we calculate the end position of ext4_free_extent, this position may be exactly where ext4_lblk_t (i.e. uint) overflows. For example, if…

  • CVE-2025-67285Dec 17, 2025
    risk 0.00cvss epss 0.00

    A SQL injection vulnerability was found in the '/cts/admin/?page=zone' file of ITSourcecode COVID Tracking System Using QR-Code v1.0. The reason for this issue is that attackers inject malicious code from the parameter 'id' and use it directly in SQL queries without the need for…

  • CVE-2025-67741Dec 11, 2025
    risk 0.00cvss epss 0.00

    In JetBrains TeamCity before 2025.11 stored XSS was possible via session attribute

  • CVE-2025-9768Sep 1, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was identified in itsourcecode Sports Management System 1.0. This impacts an unknown function of the file /Admin/mode.php. The manipulation of the argument code leads to sql injection. The attack is possible to be carried out remotely.

  • CVE-2025-4726May 15, 2025
    risk 0.00cvss epss 0.00

    A vulnerability has been found in itsourcecode Placement Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /view_student.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The…

  • CVE-2025-4725May 15, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as critical, was found in itsourcecode Placement Management System 1.0. This affects an unknown part of the file /view_drive.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The…

  • CVE-2025-4724May 15, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as critical, has been found in itsourcecode Placement Management System 1.0. Affected by this issue is some unknown functionality of the file /student_profile.php. The manipulation of the argument ID leads to sql injection. The attack may be…

  • CVE-2025-4723May 15, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical was found in itsourcecode Placement Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /all_student.php. The manipulation of the argument delete leads to sql injection. The attack can be launched…

  • CVE-2025-4722May 15, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical has been found in itsourcecode Placement Management System 1.0. Affected is an unknown function of the file /edit_profile.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The…

  • CVE-2025-4721May 15, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in itsourcecode Placement Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /drive.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The…

  • CVE-2025-4488May 9, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in itsourcecode Gym Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=delete_package. The manipulation of the argument ID leads to sql injection. The attack…

  • CVE-2025-4487May 9, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in itsourcecode Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /ajax.php?action=delete_member. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack…

  • CVE-2025-4486May 9, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in itsourcecode Gym Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /ajax.php?action=delete_plan. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely.…

  • CVE-2025-4485May 9, 2025
    risk 0.00cvss epss 0.00

    A vulnerability has been found in itsourcecode Gym Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /ajax.php?action=delete_trainer. The manipulation of the argument ID leads to sql injection. The attack can be initiated…

  • CVE-2025-4484May 9, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as critical, was found in itsourcecode Gym Management System 1.0. This affects an unknown part of the file /ajax.php?action=delete_user. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack…

  • CVE-2025-4483May 9, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as critical, has been found in itsourcecode Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /view_pdetails.php. The manipulation of the argument ID leads to sql injection. The attack may be…

  • CVE-2025-4466May 9, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in itsourcecode Gym Management System 1.0. It has been classified as critical. This affects an unknown part of the file /ajax.php?action=save_payment. The manipulation of the argument registration_id leads to sql injection. It is possible to initiate…

  • CVE-2025-4465May 9, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in itsourcecode Gym Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /ajax.php?action=save_schedule. The manipulation of the argument member_id leads to sql injection. The attack may be…

  • CVE-2025-4464May 9, 2025
    risk 0.00cvss epss 0.01

    A vulnerability has been found in itsourcecode Gym Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=save_plan. The manipulation of the argument plan leads to sql injection. The attack can be…

  • CVE-2025-4463May 9, 2025
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in itsourcecode Gym Management System 1.0. Affected is an unknown function of the file /ajax.php?action=save_package. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack…

  • CVE-2025-4363May 6, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as critical, has been found in itsourcecode Gym Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=end_membership. The manipulation of the argument rid leads to sql injection. The attack may be…

  • CVE-2025-4362May 6, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical was found in itsourcecode Gym Management System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=save_membership. The manipulation of the argument member_id leads to sql injection. The attack can be initiated…

  • CVE-2025-4360May 6, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as critical, has been found in itsourcecode Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /view_member.php. The manipulation of the argument ID leads to sql injection. The attack may be launched…

  • CVE-2025-4359May 6, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical was found in itsourcecode Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=delete_member. The manipulation of the argument ID leads to sql injection. The attack can be…

  • CVE-2025-4311May 6, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. This vulnerability affects unknown code of the file /admin/update_main_topic_img.php?topic_id=529. The manipulation of the argument stopic_id leads to sql injection. The attack can be…

  • CVE-2025-4310May 6, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. This affects an unknown part of the file /admin/add_topic.php?category=BBS. The manipulation of the argument Cover Image leads to unrestricted upload. It is possible to initiate…

  • CVE-2025-4301May 6, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /search-notice.php. The manipulation of the argument searchdata leads to sql injection. The attack can be…

  • CVE-2025-4300May 6, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. Affected is an unknown function of the file /search_list.php. The manipulation of the argument Search leads to sql injection. It is possible to launch the attack remotely. The…

  • CVE-2025-4195May 2, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in itsourcecode Gym Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /ajax.php?action=save_member. The manipulation of the argument umember_id leads to sql injection. The attack can be…

  • CVE-2025-4063Apr 29, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in code-projects Student Information Management System 1.0 and classified as critical. Affected by this issue is the function cancel. The manipulation of the argument first_name/last_name leads to stack-based buffer overflow. The attack needs to be…

  • CVE-2025-4025Apr 28, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical was found in itsourcecode Placement Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /registration.php. The manipulation of the argument Name leads to sql injection. The attack can be launched…

  • CVE-2025-4024Apr 28, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical has been found in itsourcecode Placement Management System 1.0. Affected is an unknown function of the file /add_drive.php. The manipulation of the argument drive_title leads to sql injection. It is possible to launch the attack remotely.…

  • CVE-2025-4023Apr 28, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in itsourcecode Placement Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /add_company.php. The manipulation of the argument Name leads to sql injection. The attack may be initiated remotely.…

  • CVE-2025-3245Apr 4, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in itsourcecode Library Management System 1.0. It has been rated as critical. Affected by this issue is the function Search of the file library_management/src/Library_Management/Forgot.java. The manipulation of the argument txtuname leads to sql…

  • CVE-2024-50656Feb 3, 2025
    risk 0.00cvss epss 0.00

    itsourcecode Placement Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Full Name field in registration.php.

Page 6 of 10