VYPR

Vendor CVEs

Sourcecodester

All CVEs

1,696 total · sorted by risk
  • CVE-2025-3096CriApr 1, 2025
    risk 0.67cvss epss 0.01

    Clinic’s Patient Management System versions 2.0 suffers from a SQL injection vulnerability in the login page.

  • CVE-2026-37340CriApr 16, 2026
    risk 0.64cvss 9.8epss 0.00

    SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/edit_music.php.

  • CVE-2026-37339CriApr 16, 2026
    risk 0.64cvss 9.8epss 0.00

    SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_genre.php.

  • CVE-2026-37338CriApr 16, 2026
    risk 0.61cvss 9.4epss 0.00

    SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_user.php.

  • CVE-2026-30562CriMar 30, 2026
    risk 0.60cvss 9.3epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_stock.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject…

  • CVE-2026-9393HigMay 24, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was found in H3C Magic B0 up to 100R002. This affects the function Edit_BasicSSID_5G of the file /goform/aspForm. Performing a manipulation of the argument param results in buffer overflow. The attack may be initiated remotely. The exploit has been made public…

  • CVE-2026-11501HigJun 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This issue affects some unknown processing of the file /classes/Master.php?f=save_patient. The manipulation of the argument ID results in sql injection. It is possible to…

  • CVE-2026-11486HigJun 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /archive1.php. Performing a manipulation of the argument sy results in sql injection. Remote exploitation of the attack is…

  • CVE-2026-11485HigJun 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. Affected is an unknown function of the file /archive2.php. Such manipulation of the argument sy leads to sql injection. The attack may be launched remotely. The exploit has been…

  • CVE-2026-11484HigJun 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in SourceCodester Class and Exam Timetabling System 1.0. This impacts an unknown function of the file /archive3.php. This manipulation of the argument sy causes sql injection. The attack may be initiated remotely. The exploit has been made…

  • CVE-2026-11483HigJun 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /archive4.php. The manipulation of the argument sy results in sql injection. The attack can be launched remotely. The exploit has been…

  • CVE-2026-11482HigJun 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /archive5.php. The manipulation of the argument sy leads to sql injection. The attack can be initiated remotely. The exploit is…

  • CVE-2026-11472HigJun 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /index1.php. This manipulation of the argument Password causes sql injection. The attack can be initiated remotely. The exploit has been publicly…

  • CVE-2026-11471HigJun 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password results in sql injection. It is possible to launch the attack remotely. The exploit…

  • CVE-2026-10877HigJun 5, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System up to 1.0. This impacts an unknown function of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Username leads to sql injection. The attack…

  • CVE-2026-10704HigJun 3, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/admin_class_novo.php of the component Administrative Control Panel. The manipulation of the argument Username results in sql…

  • CVE-2026-10694HigJun 3, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in SourceCodester Online Food Ordering System 2.0. Affected by this issue is the function include of the file /index.php. The manipulation of the argument page results in file inclusion. The attack can be launched remotely. The exploit is now public…

  • CVE-2026-10287HigJun 1, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in SourceCodester SEO Meta Tag Extractor 1.0. This vulnerability affects the function get_headers of the file /index.php. This manipulation of the argument url causes server-side request forgery. It is possible to initiate the attack remotely. The…

  • CVE-2026-10263HigJun 1, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in SourceCodester Computer Repair Shop Management System up to 1.0. Affected is an unknown function of the file /admin/products/manage_product.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The…

  • CVE-2026-10236HigJun 1, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in SourceCodester Water Billing Management System 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=save of the component User Management Endpoint. Such manipulation leads to improper authorization. The attack may be…

  • CVE-2026-10185HigMay 31, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in SourceCodester Hospitals Patient Records Management System 1.0. Affected is an unknown function of the file /classes/Users.php?f=save. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The…

  • CVE-2026-10184HigMay 31, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This impacts an unknown function of the file /classes/Users.php?f=delete. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The…

  • CVE-2026-9575HigMay 26, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in itsourcecode Student Transcript Processing System 1.0. This issue affects some unknown processing of the file /admin/modules/class/index.php?view=view. The manipulation of the argument ID leads to sql injection. The attack may be initiated…

  • CVE-2026-9574HigMay 26, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in itsourcecode Student Transcript Processing System 1.0. This vulnerability affects unknown code of the file /admin/modules/student/trans.php. Executing a manipulation of the argument studentId/cid can lead to sql injection. The attack can be launched…

  • CVE-2026-9573HigMay 26, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in itsourcecode Student Transcript Processing System 1.0. This affects an unknown part of the file /admin/modules/student/index.php?view=view. Performing a manipulation of the argument studentId results in sql injection. The attack can be initiated…

  • CVE-2026-9447HigMay 25, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in SourceCodester Simple POS and Inventory System 1.0. The impacted element is an unknown function of the file /user/search.php. Performing a manipulation of the argument Name results in sql injection. The attack is possible to be carried out remotely.…

  • CVE-2026-9356HigMay 24, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in SourceCodester Hospitals Patient Records Management System 1.0. This affects an unknown function of the file /admin/patients/manage_history.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from…

  • CVE-2026-9355HigMay 24, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in SourceCodester Hospitals Patient Records Management System 1.0. The impacted element is an unknown function of the file /classes/Master.php?f=save_patient_history. This manipulation of the argument ID causes sql injection. The attack is possible to be…

  • CVE-2026-8131HigMay 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in SourceCodester SUP Online Shopping 1.0. This impacts an unknown function of the file /admin/replymsg.php. The manipulation of the argument msgid results in sql injection. It is possible to launch the attack remotely. The exploit has been…

  • CVE-2026-8129HigMay 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file wishlist.php. Executing a manipulation of the argument delwlistid can lead to sql injection. The attack may be performed from remote. The exploit has…

  • CVE-2026-8083HigMay 7, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=save_user. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made…

  • CVE-2026-7550HigMay 1, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=save_customer. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The…

  • CVE-2026-7549HigMay 1, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=delete_customer. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The…

  • CVE-2026-7228HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function get_cart_count of the file /admin/ajax.php?action=get_cart_count. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out…

  • CVE-2026-7227HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function Login of the file /admin/ajax.php?action=login. The manipulation of the argument e-mail results in sql injection. The attack can be executed remotely. The exploit is now public…

  • CVE-2026-7226HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. This issue affects the function login2 of the file /admin/ajax.php?action=login2. The manipulation of the argument e-mail leads to sql injection. Remote exploitation of the attack is…

  • CVE-2026-7225HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function delete_menu of the file /admin/ajax.php?action=delete_menu. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched…

  • CVE-2026-7224HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function delete_cart of the file /admin/ajax.php?action=delete_cart. Performing a manipulation of the argument ID results in sql injection. The attack may be initiated remotely.…

  • CVE-2026-7199HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=delete_product. Performing a manipulation of the argument ID results in sql injection. It is possible…

  • CVE-2026-7194HigApr 27, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=save_product. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The…

  • CVE-2026-7130HigApr 27, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=delete_category. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from…

  • CVE-2026-7128HigApr 27, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=save_type. Such manipulation of the argument ID leads to sql injection. The attack can be executed…

  • CVE-2026-7127HigApr 27, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=delete_receiving. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is…

  • CVE-2026-7088HigApr 27, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=save_receiving. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched…

  • CVE-2026-7087HigApr 27, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=save_sales. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely.…

  • CVE-2026-37337HigApr 16, 2026
    risk 0.47cvss 7.3epss 0.00

    SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_playlist.php.

  • CVE-2026-37336HigApr 16, 2026
    risk 0.47cvss 7.3epss 0.00

    SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_music.php.

  • CVE-2026-6189HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack…

  • CVE-2026-36948HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    Sourcecodester Online Thesis Archiving System v1.0 is vulnerale to SQL injection in the file /otas/view_archive.php.

  • CVE-2026-6188HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=delete_sales. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has…

Page 1 of 34