VYPR
Vendor

Sourcecodehero

Products
3
CVEs
6
Across products
6
Status
Private

Products

3

Recent CVEs

6
  • CVE-2024-44727CriSep 5, 2024
    risk 0.64cvss 9.8epss 0.01

    Sourcecodehero Event Management System1.0 is vulnerable to SQL Injection via the parameter 'username' in /event/admin/login.php.

  • CVE-2022-3118HigSep 4, 2022
    risk 0.48cvss 7.3epss 0.01

    A vulnerability was found in Sourcecodehero ERP System Project. It has been rated as critical. This issue affects some unknown processing of the file /pages/processlogin.php. The manipulation of the argument user leads to sql injection. The attack may be initiated remotely. The…

  • CVE-2024-10336HigOct 24, 2024
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was found in SourceCodeHero Clothes Recommendation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/index.php of the component Admin Login Page. The manipulation of the argument t1 leads to sql injection.…

  • CVE-2024-44728MedSep 5, 2024
    risk 0.40cvss 6.1epss 0.00

    Sourcecodehero Event Management System 1.0 allows Stored Cross-Site Scripting via parameters Full Name, Address, Email, and contact# in /clientdetails/admin/regester.php.

  • CVE-2024-10338MedOct 24, 2024
    risk 0.31cvss 4.7epss 0.00

    A vulnerability classified as critical was found in SourceCodeHero Clothes Recommendation System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/home.php. The manipulation of the argument view/view1 leads to sql injection. The attack can be…

  • CVE-2024-10337MedOct 24, 2024
    risk 0.31cvss 4.7epss 0.00

    A vulnerability classified as critical has been found in SourceCodeHero Clothes Recommendation System 1.0. Affected is an unknown function of the file /admin/home.php?con=add. The manipulation of the argument cat/subcat/ t1/t2/text leads to sql injection. It is possible to…