Remyandrade
Products
6- 27 CVEs
- 9 CVEs
- 3 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
43| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-9603 | Med | 0.42 | 6.5 | 0.00 | May 26, 2026 | A security vulnerability has been detected in SourceCodester eDoc Doctor Appointment System 1.0. This affects an unknown part of the file /admin/delete-session.php. The manipulation of the argument ID leads to missing authorization. Remote exploitation of the attack is possible.… | ||
| CVE-2026-3695 | Med | 0.42 | 6.5 | 0.01 | Mar 8, 2026 | A vulnerability has been found in SourceCodester Modern Image Gallery App 1.0. Impacted is an unknown function of the file /delete.php. Such manipulation of the argument filename leads to path traversal. It is possible to launch the attack remotely. The exploit has been… | ||
| CVE-2026-9484 | Med | 0.41 | 6.3 | 0.00 | May 25, 2026 | A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected by this vulnerability is the function getClassroomStudents/removeStudentFromClassroom of the file classroom.php. Executing a manipulation of the argument classroom_id can lead to… | ||
| CVE-2026-9483 | Med | 0.41 | 6.3 | 0.00 | May 25, 2026 | A vulnerability was found in SourceCodester Student Grades Management System 1.0. Affected is an unknown function of the file grades.php. Performing a manipulation of the argument student_id results in improper authorization. The attack may be initiated remotely. The exploit has… | ||
| CVE-2026-3163 | Med | 0.41 | 6.3 | 0.00 | Feb 25, 2026 | A vulnerability has been found in SourceCodester Website Link Extractor 1.0. This vulnerability affects the function file_get_contents of the component URL Handler. The manipulation leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit… | ||
| CVE-2025-14530 | Med | 0.31 | 4.7 | 0.00 | Dec 11, 2025 | A vulnerability has been found in SourceCodester Real Estate Property Listing App 1.0. The impacted element is an unknown function of the file /admin/property.php. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely.… | ||
| CVE-2026-9486 | Med | 0.28 | 4.3 | 0.00 | May 25, 2026 | A security flaw has been discovered in SourceCodester Student Grades Management System 1.0. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be executed remotely. The exploit has been released to the public and may be used for… | ||
| CVE-2026-3302 | Med | 0.28 | 4.3 | 0.00 | Feb 27, 2026 | A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing a manipulation of the argument Email can lead to cross site scripting. The… | ||
| CVE-2026-3070 | Med | 0.28 | 4.3 | 0.00 | Feb 24, 2026 | A vulnerability was detected in SourceCodester Modern Image Gallery App 1.0. Affected by this vulnerability is an unknown functionality of the file upload.php. The manipulation of the argument filename results in cross site scripting. The attack may be launched remotely. The… | ||
| CVE-2026-9485 | Low | 0.23 | 3.5 | 0.00 | May 25, 2026 | A vulnerability was identified in SourceCodester Student Grades Management System 1.0. Affected by this issue is some unknown functionality of the file students.php. The manipulation of the argument Remarks leads to cross site scripting. Remote exploitation of the attack is… | ||
| CVE-2026-0580 | Low | 0.23 | 3.5 | 0.00 | Jan 5, 2026 | A vulnerability was found in SourceCodester API Key Manager App 1.0. Affected by this vulnerability is an unknown functionality of the component Import Key Handler. Performing a manipulation results in cross site scripting. The attack can be initiated remotely. | ||
| CVE-2025-13349 | Low | 0.23 | 3.5 | 0.00 | Nov 18, 2025 | A vulnerability has been found in SourceCodester Student Grades Management System 1.0. This issue affects some unknown processing of the file /grades.php of the component Add New Grade Page. The manipulation of the argument Remarks leads to cross site scripting. Remote… | ||
| CVE-2025-12332 | Low | 0.16 | 2.4 | 0.00 | Oct 28, 2025 | A flaw has been found in SourceCodester Student Grades Management System 1.0. This affects the function delete_user of the file /admin.php. Executing manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and may be… | ||
| CVE-2025-11485 | Low | 0.16 | 2.4 | 0.00 | Oct 8, 2025 | A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function add_user of the file /admin.php of the component Manage Users Page. This manipulation of the argument first_name/last_name causes cross site scripting. The attack can… | ||
| CVE-2021-27320 | 0.02 | — | 0.09 | Mar 24, 2021 | Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via firstname parameter. | |||
| CVE-2025-70457 | 0.00 | — | 0.01 | Jan 23, 2026 | A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension… | |||
| CVE-2025-66918 | 0.00 | — | 0.00 | Dec 11, 2025 | edoc-doctor-appointment-system v1.0.1 is vulnerable to Cross Site Scripting (XSS) in admin/add-session.php via the "title" parameter. | |||
| CVE-2025-64070 | 0.00 | — | 0.00 | Dec 2, 2025 | Sourcecodester Student Grades Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in the Add New Subject Description field. | |||
| CVE-2025-65358 | 0.00 | — | 0.00 | Dec 2, 2025 | Edoc-doctor-appointment-system v1.0.1 was discovered to contain SQl injection vulnerability via the 'docid' parameter at /admin/appointment.php. | |||
| CVE-2025-63892 | 0.00 | — | 0.00 | Nov 18, 2025 | A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function create_classroom of the file /classroom.php of the component My Classrooms Management Page. This manipulation of the argument name/description causes stored cross site… |
- risk 0.42cvss 6.5epss 0.00
A security vulnerability has been detected in SourceCodester eDoc Doctor Appointment System 1.0. This affects an unknown part of the file /admin/delete-session.php. The manipulation of the argument ID leads to missing authorization. Remote exploitation of the attack is possible.…
- risk 0.42cvss 6.5epss 0.01
A vulnerability has been found in SourceCodester Modern Image Gallery App 1.0. Impacted is an unknown function of the file /delete.php. Such manipulation of the argument filename leads to path traversal. It is possible to launch the attack remotely. The exploit has been…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected by this vulnerability is the function getClassroomStudents/removeStudentFromClassroom of the file classroom.php. Executing a manipulation of the argument classroom_id can lead to…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in SourceCodester Student Grades Management System 1.0. Affected is an unknown function of the file grades.php. Performing a manipulation of the argument student_id results in improper authorization. The attack may be initiated remotely. The exploit has…
- risk 0.41cvss 6.3epss 0.00
A vulnerability has been found in SourceCodester Website Link Extractor 1.0. This vulnerability affects the function file_get_contents of the component URL Handler. The manipulation leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit…
- risk 0.31cvss 4.7epss 0.00
A vulnerability has been found in SourceCodester Real Estate Property Listing App 1.0. The impacted element is an unknown function of the file /admin/property.php. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely.…
- risk 0.28cvss 4.3epss 0.00
A security flaw has been discovered in SourceCodester Student Grades Management System 1.0. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be executed remotely. The exploit has been released to the public and may be used for…
- risk 0.28cvss 4.3epss 0.00
A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing a manipulation of the argument Email can lead to cross site scripting. The…
- risk 0.28cvss 4.3epss 0.00
A vulnerability was detected in SourceCodester Modern Image Gallery App 1.0. Affected by this vulnerability is an unknown functionality of the file upload.php. The manipulation of the argument filename results in cross site scripting. The attack may be launched remotely. The…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was identified in SourceCodester Student Grades Management System 1.0. Affected by this issue is some unknown functionality of the file students.php. The manipulation of the argument Remarks leads to cross site scripting. Remote exploitation of the attack is…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was found in SourceCodester API Key Manager App 1.0. Affected by this vulnerability is an unknown functionality of the component Import Key Handler. Performing a manipulation results in cross site scripting. The attack can be initiated remotely.
- risk 0.23cvss 3.5epss 0.00
A vulnerability has been found in SourceCodester Student Grades Management System 1.0. This issue affects some unknown processing of the file /grades.php of the component Add New Grade Page. The manipulation of the argument Remarks leads to cross site scripting. Remote…
- risk 0.16cvss 2.4epss 0.00
A flaw has been found in SourceCodester Student Grades Management System 1.0. This affects the function delete_user of the file /admin.php. Executing manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and may be…
- risk 0.16cvss 2.4epss 0.00
A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function add_user of the file /admin.php of the component Manage Users Page. This manipulation of the argument first_name/last_name causes cross site scripting. The attack can…
- CVE-2021-27320Mar 24, 2021risk 0.02cvss —epss 0.09
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via firstname parameter.
- CVE-2025-70457Jan 23, 2026risk 0.00cvss —epss 0.01
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension…
- CVE-2025-66918Dec 11, 2025risk 0.00cvss —epss 0.00
edoc-doctor-appointment-system v1.0.1 is vulnerable to Cross Site Scripting (XSS) in admin/add-session.php via the "title" parameter.
- CVE-2025-64070Dec 2, 2025risk 0.00cvss —epss 0.00
Sourcecodester Student Grades Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in the Add New Subject Description field.
- CVE-2025-65358Dec 2, 2025risk 0.00cvss —epss 0.00
Edoc-doctor-appointment-system v1.0.1 was discovered to contain SQl injection vulnerability via the 'docid' parameter at /admin/appointment.php.
- CVE-2025-63892Nov 18, 2025risk 0.00cvss —epss 0.00
A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function create_classroom of the file /classroom.php of the component My Classrooms Management Page. This manipulation of the argument name/description causes stored cross site…