Janobe
Products
18- 25 CVEs
- 20 CVEs
- 15 CVEs
- 14 CVEs
- 13 CVEs
- 13 CVEs
- 8 CVEs
- 8 CVEs
- 7 CVEs
- 7 CVEs
- 5 CVEs
- 4 CVEs
- 3 CVEs
- 3 CVEs
- 3 CVEs
- 3 CVEs
- 2 CVEs
- 2 CVEs
Recent CVEs
155| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-36236 | Cri | 0.64 | 9.8 | 0.00 | Apr 10, 2026 | SourceCodester Engineers Online Portal v1.0 is vulnerable to SQL Injection in update_password.php via the new_password parameter. | ||
| CVE-2021-41646 | Cri | 0.64 | 9.8 | 0.07 | Oct 29, 2021 | Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading a maliciously crafted PHP file that bypasses the image upload filters.. | ||
| CVE-2021-27130 | Cri | 0.64 | 9.8 | 0.02 | Apr 14, 2021 | Online Reviewer System 1.0 contains a SQL injection vulnerability through authentication bypass, which may lead to a reverse shell upload. | ||
| CVE-2026-4839 | Hig | 0.47 | 7.3 | 0.00 | Mar 26, 2026 | A vulnerability has been found in SourceCodester Food Ordering System 1.0. This affects an unknown function of the file /purchase.php of the component Parameter Handler. The manipulation of the argument custom leads to sql injection. The attack can be initiated remotely. The… | ||
| CVE-2026-2912 | Hig | 0.47 | 7.3 | 0.00 | Feb 22, 2026 | A vulnerability was found in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/students/assessments/results/studentresult-view.php. The manipulation of the argument test_id results in sql injection. It is possible to launch the… | ||
| CVE-2026-2223 | Hig | 0.47 | 7.3 | 0.00 | Feb 9, 2026 | A security vulnerability has been detected in code-projects Online Reviewer System 1.0. Affected by this issue is some unknown functionality of the file /system/system/students/assessments/pretest/take/index.php. The manipulation of the argument ID leads to sql injection. It is… | ||
| CVE-2026-2221 | Hig | 0.47 | 7.3 | 0.00 | Feb 9, 2026 | A security flaw has been discovered in code-projects Online Reviewer System 1.0. Affected is an unknown function of the file /login/index.php of the component Login. Performing a manipulation of the argument Username results in sql injection. The attack is possible to be carried… | ||
| CVE-2026-2220 | Hig | 0.47 | 7.3 | 0.00 | Feb 9, 2026 | A vulnerability was identified in code-projects Online Reviewer System 1.0. This impacts an unknown function of the file /system/system/admins/assessments/pretest/btn_functions.php. Such manipulation of the argument difficulty_id leads to sql injection. The attack can be… | ||
| CVE-2026-2198 | Hig | 0.47 | 7.3 | 0.00 | Feb 9, 2026 | A vulnerability was identified in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /system/system/admins/assessments/pretest/loaddata.php. Such manipulation of the argument difficulty_id leads to sql injection. It is possible to… | ||
| CVE-2026-2197 | Hig | 0.47 | 7.3 | 0.00 | Feb 9, 2026 | A vulnerability was determined in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/admins/assessments/pretest/exam-delete.php. This manipulation of the argument test_id causes sql injection. It is possible to initiate the… | ||
| CVE-2026-2196 | Hig | 0.47 | 7.3 | 0.00 | Feb 9, 2026 | A vulnerability was found in code-projects Online Reviewer System 1.0. This issue affects some unknown processing of the file /system/system/admins/assessments/pretest/exam-update.php. The manipulation of the argument test_id results in sql injection. The attack may be performed… | ||
| CVE-2026-2195 | Hig | 0.47 | 7.3 | 0.00 | Feb 9, 2026 | A vulnerability has been found in code-projects Online Reviewer System 1.0. This vulnerability affects unknown code of the file /system/system/admins/assessments/pretest/questions-view.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be… | ||
| CVE-2026-2166 | Hig | 0.47 | 7.3 | 0.00 | Feb 8, 2026 | A security vulnerability has been detected in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /login/index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attack is… | ||
| CVE-2026-2090 | Hig | 0.47 | 7.3 | 0.00 | Feb 7, 2026 | A vulnerability was determined in SourceCodester Online Class Record System 1.0. This issue affects some unknown processing of the file /admin/message/search.php. Executing a manipulation of the argument term can lead to sql injection. The attack can be executed remotely. The… | ||
| CVE-2026-2089 | Hig | 0.47 | 7.3 | 0.00 | Feb 7, 2026 | A vulnerability was found in SourceCodester Online Class Record System 1.0. This vulnerability affects unknown code of the file /admin/subject/controller.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible.… | ||
| CVE-2026-2087 | Hig | 0.47 | 7.3 | 0.00 | Feb 7, 2026 | A flaw has been found in SourceCodester Online Class Record System 1.0. Affected by this issue is some unknown functionality of the file /admin/login.php. This manipulation of the argument user_email causes sql injection. The attack may be initiated remotely. The exploit has… | ||
| CVE-2025-13485 | Hig | 0.47 | 7.3 | 0.00 | Nov 21, 2025 | A security flaw has been discovered in itsourcecode Online File Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The… | ||
| CVE-2025-13257 | Hig | 0.47 | 7.3 | 0.00 | Nov 17, 2025 | A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /admin/user/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely.… | ||
| CVE-2025-13237 | Hig | 0.47 | 7.3 | 0.00 | Nov 16, 2025 | A security flaw has been discovered in itsourcecode Inventory Management System 1.0. Affected is an unknown function of the file /LogSignModal.PHP. The manipulation of the argument U_USERNAME results in sql injection. The attack can be launched remotely. The exploit has been… | ||
| CVE-2025-13235 | Hig | 0.47 | 7.3 | 0.00 | Nov 16, 2025 | A vulnerability was determined in itsourcecode Inventory Management System 1.0. This affects an unknown function of the file /admin/login.php. Executing manipulation of the argument user_email can lead to sql injection. It is possible to launch the attack remotely. The exploit… |
- risk 0.64cvss 9.8epss 0.00
SourceCodester Engineers Online Portal v1.0 is vulnerable to SQL Injection in update_password.php via the new_password parameter.
- risk 0.64cvss 9.8epss 0.07
Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading a maliciously crafted PHP file that bypasses the image upload filters..
- risk 0.64cvss 9.8epss 0.02
Online Reviewer System 1.0 contains a SQL injection vulnerability through authentication bypass, which may lead to a reverse shell upload.
- risk 0.47cvss 7.3epss 0.00
A vulnerability has been found in SourceCodester Food Ordering System 1.0. This affects an unknown function of the file /purchase.php of the component Parameter Handler. The manipulation of the argument custom leads to sql injection. The attack can be initiated remotely. The…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was found in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/students/assessments/results/studentresult-view.php. The manipulation of the argument test_id results in sql injection. It is possible to launch the…
- risk 0.47cvss 7.3epss 0.00
A security vulnerability has been detected in code-projects Online Reviewer System 1.0. Affected by this issue is some unknown functionality of the file /system/system/students/assessments/pretest/take/index.php. The manipulation of the argument ID leads to sql injection. It is…
- risk 0.47cvss 7.3epss 0.00
A security flaw has been discovered in code-projects Online Reviewer System 1.0. Affected is an unknown function of the file /login/index.php of the component Login. Performing a manipulation of the argument Username results in sql injection. The attack is possible to be carried…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was identified in code-projects Online Reviewer System 1.0. This impacts an unknown function of the file /system/system/admins/assessments/pretest/btn_functions.php. Such manipulation of the argument difficulty_id leads to sql injection. The attack can be…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was identified in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /system/system/admins/assessments/pretest/loaddata.php. Such manipulation of the argument difficulty_id leads to sql injection. It is possible to…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was determined in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/admins/assessments/pretest/exam-delete.php. This manipulation of the argument test_id causes sql injection. It is possible to initiate the…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was found in code-projects Online Reviewer System 1.0. This issue affects some unknown processing of the file /system/system/admins/assessments/pretest/exam-update.php. The manipulation of the argument test_id results in sql injection. The attack may be performed…
- risk 0.47cvss 7.3epss 0.00
A vulnerability has been found in code-projects Online Reviewer System 1.0. This vulnerability affects unknown code of the file /system/system/admins/assessments/pretest/questions-view.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be…
- risk 0.47cvss 7.3epss 0.00
A security vulnerability has been detected in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /login/index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attack is…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was determined in SourceCodester Online Class Record System 1.0. This issue affects some unknown processing of the file /admin/message/search.php. Executing a manipulation of the argument term can lead to sql injection. The attack can be executed remotely. The…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was found in SourceCodester Online Class Record System 1.0. This vulnerability affects unknown code of the file /admin/subject/controller.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible.…
- risk 0.47cvss 7.3epss 0.00
A flaw has been found in SourceCodester Online Class Record System 1.0. Affected by this issue is some unknown functionality of the file /admin/login.php. This manipulation of the argument user_email causes sql injection. The attack may be initiated remotely. The exploit has…
- risk 0.47cvss 7.3epss 0.00
A security flaw has been discovered in itsourcecode Online File Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The…
- risk 0.47cvss 7.3epss 0.00
A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /admin/user/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely.…
- risk 0.47cvss 7.3epss 0.00
A security flaw has been discovered in itsourcecode Inventory Management System 1.0. Affected is an unknown function of the file /LogSignModal.PHP. The manipulation of the argument U_USERNAME results in sql injection. The attack can be launched remotely. The exploit has been…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was determined in itsourcecode Inventory Management System 1.0. This affects an unknown function of the file /admin/login.php. Executing manipulation of the argument user_email can lead to sql injection. It is possible to launch the attack remotely. The exploit…