VYPR

Vendor CVEs

Oretnom23

All CVEs

440 total · sorted by risk
  • CVE-2026-3752MedMar 8, 2026
    risk 0.31cvss 4.7epss 0.00

    A flaw has been found in SourceCodester Employee Task Management System up to 1.0. The affected element is an unknown function of the file /daily-task-report.php of the component GET Parameter Handler. This manipulation of the argument Date causes sql injection. It is possible…

  • CVE-2026-3751MedMar 8, 2026
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was detected in SourceCodester Employee Task Management System 1.0. Impacted is an unknown function of the file /daily-attendance-report.php of the component GET Parameter Handler. The manipulation of the argument Date results in sql injection. The attack may be…

  • CVE-2025-6873MedJun 29, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability, which was classified as critical, has been found in SourceCodester Simple Company Website 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=save. The manipulation of the argument img leads to unrestricted upload. The attack may be…

  • CVE-2025-6872MedJun 29, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability classified as critical was found in SourceCodester Simple Company Website 1.0. This vulnerability affects unknown code of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argument img leads to unrestricted upload. The attack can be…

  • CVE-2025-6870MedJun 29, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Content.php?f=service. The manipulation of the argument img leads to unrestricted upload. The attack…

  • CVE-2025-6869MedJun 29, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/testimonials/manage.php. The manipulation of the argument ID leads to sql injection. The attack…

  • CVE-2025-6868MedJun 29, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/clients/manage.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack…

  • CVE-2025-6867MedJun 29, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was found in SourceCodester Simple Company Website 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/services/manage.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely.…

  • CVE-2026-3770MedMar 8, 2026
    risk 0.28cvss 4.3epss 0.00

    A flaw has been found in SourceCodester Computer Laboratory Management System 1.0. This affects an unknown part. This manipulation causes cross-site request forgery. The attack is possible to be carried out remotely. The exploit has been published and may be used.

  • CVE-2026-3702MedMar 8, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was detected in SourceCodester Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /index.php. Performing a manipulation of the argument page results in cross site scripting. The attack is possible to be carried out…

  • CVE-2026-2160MedFeb 8, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /tourism/classes/Master.php?f=save_package. The manipulation of the argument Title leads to cross site scripting. The…

  • CVE-2026-2159MedFeb 8, 2026
    risk 0.28cvss 4.3epss 0.00

    A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected is an unknown function of the file /tourism/classes/Master.php?f=register of the component Registration. Executing a manipulation of the argument firstname/lastname/username can lead to cross…

  • CVE-2026-1745MedFeb 2, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was determined in SourceCodester Medical Certificate Generator App 1.0. This affects an unknown part. This manipulation causes cross-site request forgery. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.

  • CVE-2025-6476MedJun 22, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was found in SourceCodester Gym Management System 1.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to…

  • CVE-2026-3819LowMar 9, 2026
    risk 0.23cvss 3.5epss 0.00

    A vulnerability has been found in SourceCodester Resort Reservation System 1.0. The affected element is an unknown function of the file /?page=manage_reservation of the component Reservation Management Module. Such manipulation of the argument ID leads to cross site scripting.…

  • CVE-2025-14221LowDec 8, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was detected in SourceCodester Online Banking System 1.0. This impacts an unknown function of the file /?page=user. The manipulation of the argument First Name/Last Name results in cross site scripting. The attack can be launched remotely. The exploit is now…

  • CVE-2025-13450LowNov 20, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was determined in SourceCodester Online Shop Project 1.0. Impacted is an unknown function of the file /shop/register.php. This manipulation of the argument f_name causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been…

  • CVE-2024-7218LowJul 30, 2024
    risk 0.23cvss 3.5epss 0.00

    A flaw has been found in SourceCodester/Campcodes School Log Management System 1.0. Affected is an unknown function of the file /admin/ajax.php?action=save_student. Executing manipulation of the argument Name can lead to cross site scripting. The attack may be performed from…

  • CVE-2026-36945LowApr 13, 2026
    risk 0.18cvss 2.7epss 0.00

    Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/clients/manage_client.php

  • CVE-2026-36943LowApr 13, 2026
    risk 0.18cvss 2.7epss 0.00

    Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/repairs/manage_repair.php.

  • CVE-2026-36947LowApr 13, 2026
    risk 0.18cvss 2.7epss 0.00

    Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL Injection in the file /rsms/admin/services/view_service.php.

  • CVE-2026-36946LowApr 13, 2026
    risk 0.18cvss 2.7epss 0.00

    Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/inquiries/view_details.php.

  • CVE-2026-36923LowApr 13, 2026
    risk 0.18cvss 2.7epss 0.00

    Sourcecodester Cab Management System 1.0 is vulnerable to SQL Injection in the file /cms/admin/bookings/view_booking.php.

  • CVE-2026-36922LowApr 13, 2026
    risk 0.18cvss 2.7epss 0.00

    Sourcecodester Cab Management System v1.0 is vulnerable to SQL injection in the file /cms/admin/categories/view_category.php.

  • CVE-2024-6807LowJul 17, 2024
    risk 0.16cvss 2.4epss 0.01

    A vulnerability was found in SourceCodester Student Study Center Desk Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /sscdms/classes/Users.php?f=save of the component HTTP POST Request Handler. The…

  • CVE-2020-29214Jun 15, 2021
    risk 0.04cvss epss 0.04

    SQL injection vulnerability in SourceCodester Alumni Management System 1.0 allows the user to inject SQL payload to bypass the authentication via admin/login.php.

  • CVE-2023-0905Feb 18, 2023
    risk 0.03cvss epss 0.03

    A vulnerability classified as critical has been found in SourceCodester Employee Task Management System 1.0. Affected is an unknown function of the file changePasswordForEmployee.php. The manipulation leads to improper authentication. It is possible to launch the attack…

  • CVE-2023-0904Feb 18, 2023
    risk 0.03cvss epss 0.02

    A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file task-details.php. The manipulation of the argument task_id leads to sql injection. The attack may be initiated…

  • CVE-2021-44653Dec 15, 2021
    risk 0.03cvss epss 0.06

    Online Magazine Management System 1.0 contains a SQL injection authentication bypass vulnerability. The Admin panel authentication can be bypassed due to SQL injection vulnerability in the login form allowing attacker to gain access as admin to the application.

  • CVE-2025-4806May 16, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as critical, has been found in SourceCodester/oretnom23 Stock Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/?page=back_order/view_bo. The manipulation of the argument ID leads to sql…

  • CVE-2025-4787May 16, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical has been found in SourceCodester/oretnom23 Stock Management System 1.0. Affected is an unknown function of the file /admin/?page=sales/view_sale. The manipulation of the argument ID leads to sql injection. It is possible to launch the…

  • CVE-2025-4786May 16, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester/oretnom23 Stock Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/?page=return/view_return. The manipulation of the argument ID leads to sql injection. The attack may be…

  • CVE-2025-4782May 16, 2025
    risk 0.00cvss epss 0.00

    A vulnerability has been found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /sms/admin/?page=receiving/view_receiving&id=1. The manipulation of the argument ID leads to sql injection. The…

  • CVE-2025-4549May 11, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical was found in Campcodes Online Food Ordering System 1.0. This vulnerability affects unknown code of the file /routers/register-router.php. The manipulation of the argument Name leads to sql injection. The attack can be initiated remotely.…

  • CVE-2025-4548May 11, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical has been found in Campcodes Online Food Ordering System 1.0. This affects an unknown part of the file /routers/router.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The…

  • CVE-2025-4507May 10, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical has been found in Campcodes Online Food Ordering System 1.0. This affects an unknown part of the file /routers/add-item.php. The manipulation of the argument price leads to sql injection. It is possible to initiate the attack remotely. The…

  • CVE-2025-4506May 10, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in Campcodes Online Food Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /routers/menu-router.php. The manipulation of the argument 1_price leads to sql injection. The attack may be…

  • CVE-2025-4492May 9, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as critical, has been found in Campcodes Online Food Ordering System 1.0. This issue affects some unknown processing of the file /routers/ticket-message.php. The manipulation of the argument ticket_id leads to sql injection. The attack may…

  • CVE-2025-4491May 9, 2025
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in Campcodes Online Food Ordering System 1.0. This vulnerability affects unknown code of the file /routers/ticket-status.php. The manipulation of the argument ticket_id leads to sql injection. The attack can be initiated remotely.…

  • CVE-2025-4490May 9, 2025
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in Campcodes Online Food Ordering System 1.0. This affects an unknown part of the file /view-ticket-admin.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The…

  • CVE-2025-4489May 9, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Campcodes Online Food Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /routers/user-router.php. The manipulation of the argument t1_verified leads to sql injection. The attack may…

  • CVE-2025-4283May 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Login.php?f=login. The manipulation of the argument Username leads to sql injection. The attack may be…

  • CVE-2025-4282May 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability has been found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /classes/Users.php?f=save. The manipulation leads to cross-site request forgery. The attack can be initiated…

  • CVE-2025-4267May 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as critical, was found in SourceCodester/oretnom23 Stock Management System 1.0. This affects an unknown part of the file /admin/?page=purchase_order/view_po of the component Purchase Order Details Page. The manipulation of the argument ID…

  • CVE-2025-45956Apr 29, 2025
    risk 0.00cvss epss 0.00

    A SQL injection vulnerability in manage_damage.php in Sourcecodester Computer Laboratory Management System v1.0 allows an authenticated attacker to execute arbitrary SQL commands via the "id" parameter

  • CVE-2023-44752Apr 22, 2025
    risk 0.00cvss epss 0.01

    An issue in Student Study Center Desk Management System v1.0 allows attackers to bypass authentication via a crafted GET request to /php-sscdms/admin/login.php.

  • CVE-2025-3195Apr 4, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as critical, has been found in itsourcecode Online Blood Bank Management System 1.0. This issue affects some unknown processing of the file /bbms.php. The manipulation of the argument Search leads to sql injection. The attack may be…

  • CVE-2025-2852Mar 27, 2025
    risk 0.00cvss epss 0.00

    A vulnerability has been found in SourceCodester Food Ordering Management System up to 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/menus/view_menu.php. The manipulation of the argument ID leads to sql injection.…

  • CVE-2025-2654Mar 23, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/services/manage_service.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate…

  • CVE-2025-2387Mar 17, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown function of the file /admin/ajax.php?action=add_to_cart. The manipulation of the argument pid leads to sql injection. It is possible to launch…

Page 2 of 9