Vendor
Janobe
Products
17
CVEs
55
Across products
55
Status
Private
Products
17- 8 CVEs
- 7 CVEs
- 7 CVEs
- 5 CVEs
- 4 CVEs
- 3 CVEs
- 3 CVEs
- 3 CVEs
- 3 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
55| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-36236 | Cri | 0.64 | 9.8 | 0.00 | Apr 10, 2026 | SourceCodester Engineers Online Portal v1.0 is vulnerable to SQL Injection in update_password.php via the new_password parameter. | |
| CVE-2021-41646 | Cri | 0.64 | 9.8 | 0.09 | Oct 29, 2021 | Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading a maliciously crafted PHP file that bypasses the image upload filters.. | |
| CVE-2021-27130 | Cri | 0.64 | 9.8 | 0.01 | Apr 14, 2021 | Online Reviewer System 1.0 contains a SQL injection vulnerability through authentication bypass, which may lead to a reverse shell upload. | |
| CVE-2026-2090 | Hig | 0.47 | 7.3 | 0.00 | Feb 7, 2026 | A vulnerability was determined in SourceCodester Online Class Record System 1.0. This issue affects some unknown processing of the file /admin/message/search.php. Executing a manipulation of the argument term can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. | |
| CVE-2026-2089 | Hig | 0.47 | 7.3 | 0.00 | Feb 7, 2026 | A vulnerability was found in SourceCodester Online Class Record System 1.0. This vulnerability affects unknown code of the file /admin/subject/controller.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used. | |
| CVE-2026-2087 | Hig | 0.47 | 7.3 | 0.00 | Feb 7, 2026 | A flaw has been found in SourceCodester Online Class Record System 1.0. Affected by this issue is some unknown functionality of the file /admin/login.php. This manipulation of the argument user_email causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used. | |
| CVE-2025-13257 | Hig | 0.47 | 7.3 | 0.00 | Nov 17, 2025 | A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /admin/user/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. | |
| CVE-2025-13237 | Hig | 0.47 | 7.3 | 0.00 | Nov 16, 2025 | A security flaw has been discovered in itsourcecode Inventory Management System 1.0. Affected is an unknown function of the file /LogSignModal.PHP. The manipulation of the argument U_USERNAME results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be exploited. | |
| CVE-2025-13235 | Hig | 0.47 | 7.3 | 0.00 | Nov 16, 2025 | A vulnerability was determined in itsourcecode Inventory Management System 1.0. This affects an unknown function of the file /admin/login.php. Executing manipulation of the argument user_email can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. | |
| CVE-2025-13233 | Hig | 0.47 | 7.3 | 0.00 | Nov 16, 2025 | A vulnerability has been found in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /index.php?q=single-item. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. | |
| CVE-2025-12293 | Hig | 0.47 | 7.3 | 0.00 | Oct 27, 2025 | A vulnerability was identified in SourceCodester Point of Sales 1.0. This issue affects some unknown processing of the file /category.php. Such manipulation of the argument Category leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used. | |
| CVE-2025-12292 | Hig | 0.47 | 7.3 | 0.00 | Oct 27, 2025 | A vulnerability was determined in SourceCodester Point of Sales 1.0. This vulnerability affects unknown code of the file /index.php. This manipulation of the argument Username causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. | |
| CVE-2025-11480 | Hig | 0.47 | 7.3 | 0.00 | Oct 8, 2025 | A vulnerability was detected in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /register.php. Performing manipulation of the argument register_username results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. | |
| CVE-2025-11479 | Hig | 0.47 | 7.3 | 0.00 | Oct 8, 2025 | A security vulnerability has been detected in SourceCodester Wedding Reservation Management System 1.0. Impacted is the function insertReservation of the file function.php. Such manipulation of the argument number leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. | |
| CVE-2025-11477 | Hig | 0.47 | 7.3 | 0.00 | Oct 8, 2025 | A security flaw has been discovered in SourceCodester Wedding Reservation Management System 1.0. This vulnerability affects unknown code of the file /global.php. The manipulation of the argument User results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be exploited. | |
| CVE-2025-11476 | Hig | 0.47 | 7.3 | 0.00 | Oct 8, 2025 | A vulnerability was identified in SourceCodester Simple E-Commerce Bookstore 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument login_username leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used. | |
| CVE-2025-11430 | Hig | 0.47 | 7.3 | 0.00 | Oct 8, 2025 | A vulnerability was found in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /cart.php. The manipulation of the argument remove results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. | |
| CVE-2025-10601 | Hig | 0.47 | 7.3 | 0.00 | Sep 17, 2025 | A vulnerability has been found in SourceCodester Online Exam Form Submission 1.0. Affected is an unknown function of the file /admin/index.php. Such manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |
| CVE-2025-10600 | Hig | 0.47 | 7.3 | 0.00 | Sep 17, 2025 | A flaw has been found in SourceCodester Online Exam Form Submission 1.0. This impacts an unknown function of the file /register.php. This manipulation of the argument img causes unrestricted upload. It is possible to initiate the attack remotely. The exploit has been published and may be used. | |
| CVE-2025-10596 | Hig | 0.47 | 7.3 | 0.00 | Sep 17, 2025 | A vulnerability was found in SourceCodester Online Exam Form Submission 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument usn results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used. |