VYPR

Vendor CVEs

Janobe

All CVEs

155 total · sorted by risk
  • CVE-2026-36236CriApr 10, 2026
    risk 0.64cvss 9.8epss 0.00

    SourceCodester Engineers Online Portal v1.0 is vulnerable to SQL Injection in update_password.php via the new_password parameter.

  • CVE-2021-41646CriOct 29, 2021
    risk 0.64cvss 9.8epss 0.07

    Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading a maliciously crafted PHP file that bypasses the image upload filters..

  • CVE-2021-27130CriApr 14, 2021
    risk 0.64cvss 9.8epss 0.02

    Online Reviewer System 1.0 contains a SQL injection vulnerability through authentication bypass, which may lead to a reverse shell upload.

  • CVE-2026-4839HigMar 26, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in SourceCodester Food Ordering System 1.0. This affects an unknown function of the file /purchase.php of the component Parameter Handler. The manipulation of the argument custom leads to sql injection. The attack can be initiated remotely. The…

  • CVE-2026-2912HigFeb 22, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/students/assessments/results/studentresult-view.php. The manipulation of the argument test_id results in sql injection. It is possible to launch the…

  • CVE-2026-2223HigFeb 9, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in code-projects Online Reviewer System 1.0. Affected by this issue is some unknown functionality of the file /system/system/students/assessments/pretest/take/index.php. The manipulation of the argument ID leads to sql injection. It is…

  • CVE-2026-2221HigFeb 9, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in code-projects Online Reviewer System 1.0. Affected is an unknown function of the file /login/index.php of the component Login. Performing a manipulation of the argument Username results in sql injection. The attack is possible to be carried…

  • CVE-2026-2220HigFeb 9, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in code-projects Online Reviewer System 1.0. This impacts an unknown function of the file /system/system/admins/assessments/pretest/btn_functions.php. Such manipulation of the argument difficulty_id leads to sql injection. The attack can be…

  • CVE-2026-2198HigFeb 9, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /system/system/admins/assessments/pretest/loaddata.php. Such manipulation of the argument difficulty_id leads to sql injection. It is possible to…

  • CVE-2026-2197HigFeb 9, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/admins/assessments/pretest/exam-delete.php. This manipulation of the argument test_id causes sql injection. It is possible to initiate the…

  • CVE-2026-2196HigFeb 9, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in code-projects Online Reviewer System 1.0. This issue affects some unknown processing of the file /system/system/admins/assessments/pretest/exam-update.php. The manipulation of the argument test_id results in sql injection. The attack may be performed…

  • CVE-2026-2195HigFeb 9, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in code-projects Online Reviewer System 1.0. This vulnerability affects unknown code of the file /system/system/admins/assessments/pretest/questions-view.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be…

  • CVE-2026-2166HigFeb 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /login/index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attack is…

  • CVE-2026-2090HigFeb 7, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in SourceCodester Online Class Record System 1.0. This issue affects some unknown processing of the file /admin/message/search.php. Executing a manipulation of the argument term can lead to sql injection. The attack can be executed remotely. The…

  • CVE-2026-2089HigFeb 7, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in SourceCodester Online Class Record System 1.0. This vulnerability affects unknown code of the file /admin/subject/controller.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible.…

  • CVE-2026-2087HigFeb 7, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in SourceCodester Online Class Record System 1.0. Affected by this issue is some unknown functionality of the file /admin/login.php. This manipulation of the argument user_email causes sql injection. The attack may be initiated remotely. The exploit has…

  • CVE-2025-13485HigNov 21, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in itsourcecode Online File Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The…

  • CVE-2025-13257HigNov 17, 2025
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /admin/user/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely.…

  • CVE-2025-13237HigNov 16, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in itsourcecode Inventory Management System 1.0. Affected is an unknown function of the file /LogSignModal.PHP. The manipulation of the argument U_USERNAME results in sql injection. The attack can be launched remotely. The exploit has been…

  • CVE-2025-13235HigNov 16, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in itsourcecode Inventory Management System 1.0. This affects an unknown function of the file /admin/login.php. Executing manipulation of the argument user_email can lead to sql injection. It is possible to launch the attack remotely. The exploit…

  • CVE-2025-13233HigNov 16, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /index.php?q=single-item. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has…

  • CVE-2025-12293HigOct 27, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in SourceCodester Point of Sales 1.0. This issue affects some unknown processing of the file /category.php. Such manipulation of the argument Category leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly…

  • CVE-2025-12292HigOct 27, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in SourceCodester Point of Sales 1.0. This vulnerability affects unknown code of the file /index.php. This manipulation of the argument Username causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly…

  • CVE-2025-11480HigOct 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /register.php. Performing manipulation of the argument register_username results in sql injection. The attack is possible to be carried out…

  • CVE-2025-11479HigOct 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in SourceCodester Wedding Reservation Management System 1.0. Impacted is the function insertReservation of the file function.php. Such manipulation of the argument number leads to sql injection. The attack can be executed remotely. The…

  • CVE-2025-11477HigOct 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in SourceCodester Wedding Reservation Management System 1.0. This vulnerability affects unknown code of the file /global.php. The manipulation of the argument User results in sql injection. The attack may be launched remotely. The exploit has…

  • CVE-2025-11476HigOct 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in SourceCodester Simple E-Commerce Bookstore 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument login_username leads to sql injection. The attack may be initiated remotely. The exploit is publicly available…

  • CVE-2025-11430HigOct 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /cart.php. The manipulation of the argument remove results in sql injection. The attack can be executed remotely. The exploit has been made public…

  • CVE-2025-10601HigSep 17, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in SourceCodester Online Exam Form Submission 1.0. Affected is an unknown function of the file /admin/index.php. Such manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been…

  • CVE-2025-10600HigSep 17, 2025
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in SourceCodester Online Exam Form Submission 1.0. This impacts an unknown function of the file /register.php. This manipulation of the argument img causes unrestricted upload. It is possible to initiate the attack remotely. The exploit has been published…

  • CVE-2025-10596HigSep 17, 2025
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was found in SourceCodester Online Exam Form Submission 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument usn results in sql injection. The attack can be launched remotely. The exploit has been made public and could be…

  • CVE-2025-10482HigSep 15, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in SourceCodester Online Student File Management System 1.0. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now…

  • CVE-2025-10479HigSep 15, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in SourceCodester Online Student File Management System 1.0. The impacted element is an unknown function of the file /index.php. Performing manipulation of the argument stud_no results in sql injection. The attack may be initiated remotely.…

  • CVE-2025-9706HigAug 30, 2025
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in SourceCodester Water Billing System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit…

  • CVE-2025-9705HigAug 30, 2025
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in SourceCodester Water Billing System 1.0. Affected is an unknown function of the file /paybill.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to…

  • CVE-2025-9704HigAug 30, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in SourceCodester Water Billing System 1.0. This impacts an unknown function of the file /viewbill.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released to the…

  • CVE-2025-9700HigAug 30, 2025
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in SourceCodester Online Book Store 1.0. This issue affects some unknown processing of the file /publisher_list.php. This manipulation of the argument pubid causes sql injection. It is possible to initiate the attack remotely. The exploit has been published…

  • CVE-2025-9660HigAug 29, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in SourceCodester Bakeshop Online Ordering System 1.0. The impacted element is an unknown function of the file /passwordrecover.php. Performing manipulation of the argument phonenumber results in sql injection. The attack is possible to be carried out…

  • CVE-2025-13236MedNov 16, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was identified in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is…

  • CVE-2025-13234MedNov 16, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in itsourcecode Inventory Management System 1.0. The impacted element is an unknown function of the file /index.php?q=product. Performing manipulation of the argument PROID results in sql injection. It is possible to initiate the attack remotely. The…

  • CVE-2025-12939MedNov 10, 2025
    risk 0.41cvss 6.3epss 0.00

    A security flaw has been discovered in SourceCodester Interview Management System up to 1.0. Affected by this issue is some unknown functionality of the file /addCandidate.php. The manipulation of the argument candName results in sql injection. The attack can be launched…

  • CVE-2025-12933MedNov 10, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is…

  • CVE-2025-12931MedNov 10, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in SourceCodester Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/edit-orders.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The…

  • CVE-2025-12930MedNov 10, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability has been found in SourceCodester Food Ordering System 1.0. Affected is an unknown function of the file /view-ticket.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to…

  • CVE-2025-12926MedNov 10, 2025
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in SourceCodester Farm Management System 1.0. The affected element is an unknown function of the file /review.php. This manipulation of the argument pid causes sql injection. Remote exploitation of the attack is possible. The exploit has been made…

  • CVE-2025-11487MedOct 8, 2025
    risk 0.41cvss 6.3epss 0.00

    A security flaw has been discovered in SourceCodester Farm Management System 1.0. Affected by this issue is some unknown functionality of the file /uploadProduct.php. Performing manipulation of the argument Type results in sql injection. The attack may be initiated remotely. The…

  • CVE-2025-11486MedOct 8, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was identified in SourceCodester Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /buyNow.php. Such manipulation of the argument Name leads to sql injection. The attack can be launched remotely. The exploit is…

  • CVE-2025-11478MedOct 8, 2025
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in SourceCodester Farm Management System 1.0. This issue affects some unknown processing of the file /myCart.php. This manipulation of the argument pid causes sql injection. Remote exploitation of the attack is possible. The exploit has been made…

  • CVE-2025-10627MedSep 18, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability has been found in SourceCodester Online Exam Form Submission 1.0. This affects an unknown part of the file /admin/delete_user.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to…

  • CVE-2025-10626MedSep 18, 2025
    risk 0.41cvss 6.3epss 0.00

    A flaw has been found in SourceCodester Online Exam Form Submission 1.0. Affected by this issue is some unknown functionality of the file /admin/update_s3.php. This manipulation of the argument credits causes sql injection. Remote exploitation of the attack is possible. The…

Page 1 of 4