VYPR

Vendor CVEs

Sourcecodester

All CVEs

1,696 total · sorted by risk
  • CVE-2025-1597Feb 23, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/redirect.php. The manipulation of the argument a leads to cross site scripting. It is possible to launch the…

  • CVE-2025-1596Feb 23, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Best Church Management Software 1.0 and classified as critical. This issue affects some unknown processing of the file /fpassword.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely.…

  • CVE-2025-1593Feb 23, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical has been found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /_hr_soft/assets/uploadImage/Profile/ of the component Profile Picture Handler. The manipulation leads to unrestricted upload. It…

  • CVE-2025-1592Feb 23, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Best Employee Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/Operations/Role.php of the component Add Role Page. The manipulation of the argument…

  • CVE-2025-1591Feb 23, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Employee Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /department.php of the component Department Page. The manipulation of the argument Department…

  • CVE-2025-1590Feb 23, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester E-Learning System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/lesson/index.php of the component List of Lessons Page. The manipulation leads to unrestricted upload. It is possible…

  • CVE-2025-1589Feb 23, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester E-Learning System 1.0 and classified as problematic. This issue affects some unknown processing of the file /register.php of the component User Registration Handler. The manipulation leads to cross site scripting. The attack may be…

  • CVE-2025-1587Feb 23, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Telecom Billing Management System 1.0. It has been rated as critical. This issue affects the function addrecords of the file main.cpp of the component Add New Record. The manipulation of the argument name/phonenumber leads to buffer…

  • CVE-2023-51302Feb 19, 2025
    risk 0.00cvss epss 0.01

    PHPJabbers Hotel Booking System v4.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to…

  • CVE-2023-51299Feb 19, 2025
    risk 0.00cvss epss 0.00

    PHPJabbers Hotel Booking System v4.0 is vulnerable to HTML Injection in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, title" parameters.

  • CVE-2023-51297Feb 19, 2025
    risk 0.00cvss epss 0.01

    A lack of rate limiting in the 'Email Settings' feature of PHPJabbers Hotel Booking System v4.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages.

  • CVE-2023-51300Feb 19, 2025
    risk 0.00cvss epss 0.00

    PHPJabbers Hotel Booking System v4.0 is vulnerable to Cross-Site Scripting (XSS) vulnerabilities in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key" parameters.

  • CVE-2023-51301Feb 19, 2025
    risk 0.00cvss epss 0.01

    A lack of rate limiting in the "Login Section, Forgot Email" feature of PHPJabbers Hotel Booking System v4.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail…

  • CVE-2025-1202Feb 12, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical has been found in SourceCodester Best Church Management Software 1.1. Affected is an unknown function of the file /admin/edit_slider.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack…

  • CVE-2025-1201Feb 12, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Best Church Management Software 1.1. It has been rated as critical. This issue affects some unknown processing of the file /admin/app/profile_crud.php. The manipulation leads to sql injection. The attack may be initiated remotely. The…

  • CVE-2025-1200Feb 12, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Best Church Management Software 1.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/app/slider_crud.php. The manipulation of the argument del_id leads to sql injection. The attack can be…

  • CVE-2025-1199Feb 12, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Best Church Management Software 1.1. It has been classified as critical. This affects an unknown part of the file /admin/app/role_crud.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the…

  • CVE-2025-1192Feb 12, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Multi Restaurant Table Reservation System 1.0. It has been classified as critical. Affected is an unknown function of the file select-menu.php. The manipulation of the argument table leads to sql injection. It is possible to launch the…

  • CVE-2025-1191Feb 12, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Multi Restaurant Table Reservation System 1.0 and classified as critical. This issue affects some unknown processing of the file /dashboard/approve-reject.php. The manipulation of the argument breject_id leads to sql injection. The…

  • CVE-2025-1169Feb 11, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Image Compressor Tool 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /image-compressor/compressor.php. The manipulation of the argument image leads to cross site scripting. The attack may…

  • CVE-2025-1168Feb 11, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-contact.php. The manipulation of the argument contact leads to sql injection. The attack can…

  • CVE-2025-1166Feb 11, 2025
    risk 0.00cvss epss 0.00

    A vulnerability has been found in SourceCodester Food Menu Manager 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file endpoint/update.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. The…

  • CVE-2025-1160Feb 10, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument username/password leads to use of default credentials. The…

  • CVE-2024-57523Feb 6, 2025
    risk 0.00cvss epss 0.00

    Cross Site Request Forgery (CSRF) in Users.php in SourceCodester Packers and Movers Management System 1.0 allows attackers to create unauthorized admin accounts via crafted requests sent to an authenticated admin user.

  • CVE-2020-36084Feb 5, 2025
    risk 0.00cvss epss 0.01

    SQL Injection vulnerability in SourceCodester Responsive E-Learning System 1.0 allows remote attackers to inject sql query in /elearning/delete_teacher_students.php?id= parameter via id field.

  • CVE-2024-57522Feb 3, 2025
    risk 0.00cvss epss 0.01

    SourceCodester Packers and Movers Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in Users.php. An attacker can inject a malicious script into the username or name field during user creation.

  • CVE-2025-0802Jan 29, 2025
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in SourceCodester Best Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/View_user.php of the component Administrative Endpoint. The manipulation leads to improper access…

  • CVE-2025-0800Jan 29, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as problematic has been found in SourceCodester Online Courseware 1.0. Affected is an unknown function of the file /pcci/admin/saveeditt.php of the component Edit Teacher. The manipulation of the argument fname leads to cross site scripting. It is…

  • CVE-2025-0464Jan 14, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Task Reminder System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Maintenance Section. The manipulation of the argument System Name leads to cross site scripting.…

  • CVE-2024-55000Jan 14, 2025
    risk 0.00cvss epss 0.00

    Sourcecodester House Rental Management system v1.0 is vulnerable to Cross Site Scripting (XSS) in rental/manage_categories.php.

  • CVE-2025-0294Jan 7, 2025
    risk 0.00cvss epss 0.01

    A vulnerability has been found in SourceCodester Home Clean Services Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /public_html/admin/process.php. The manipulation of the argument type/length/business…

  • CVE-2025-0173Jan 2, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Online Eyewear Shop 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /orders/view_order.php. The manipulation of the argument id leads to sql injection. The attack may be launched…

  • CVE-2024-13069Dec 31, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Multi Role Login System 1.0. It has been classified as problematic. Affected is an unknown function of the file /endpoint/add-user.php. The manipulation of the argument name leads to cross site scripting. It is possible to launch the…

  • CVE-2024-13021Dec 29, 2024
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, has been found in SourceCodester Road Accident Map Marker 1.0. Affected by this issue is some unknown functionality of the file /endpoint/add-mark.php. The manipulation of the argument mark_name/details leads to cross site…

  • CVE-2024-12536Dec 12, 2024
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. Affected by this issue is some unknown functionality of the file /control/client_data.php. The manipulation of the argument id leads to cross…

  • CVE-2024-12357Dec 9, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument page leads to file inclusion. The attack may be…

  • CVE-2024-12355Dec 9, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been found in SourceCodester Phone Contact Manager System 1.0 and classified as problematic. Affected by this vulnerability is the function ContactBook::adding of the file ContactBook.cpp. The manipulation leads to improper input validation. The attack needs…

  • CVE-2024-12354Dec 9, 2024
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as critical, was found in SourceCodester Phone Contact Manager System 1.0. Affected is the function UserInterface::MenuDisplayStart of the component User Menu. The manipulation leads to buffer overflow. It is possible to launch the attack on…

  • CVE-2024-12353Dec 9, 2024
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, has been found in SourceCodester Phone Contact Manager System 1.0. This issue affects the function UserInterface::MenuDisplayStart of the component User Menu. The manipulation of the argument name leads to improper input…

  • CVE-2024-11860Nov 27, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. This affects an unknown part of the file /rental/ajax.php?action=delete_tenant of the component POST Request Handler. The manipulation of the argument id leads to…

  • CVE-2024-11743Nov 26, 2024
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, was found in SourceCodester Best House Rental Management System 1.0. Affected is an unknown function of the file /rental/ajax.php?action=delete_user of the component POST Request Handler. The manipulation leads to cross-site…

  • CVE-2024-11742Nov 26, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, has been found in SourceCodester Best House Rental Management System 1.0. This issue affects some unknown processing of the file /rental/ajax.php?action=save_tenant. The manipulation of the argument…

  • CVE-2024-52675Nov 19, 2024
    risk 0.00cvss epss 0.01

    SourceCodester Sentiment Based Movie Rating System 1.0 is vulnerable to SQL Injection in /msrps/movies.php.

  • CVE-2024-11262Nov 15, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been found in SourceCodester Student Record Management System 1.0 and classified as critical. Affected by this vulnerability is the function main of the component View All Student Marks. The manipulation leads to stack-based buffer overflow. It is possible to…

  • CVE-2024-11261Nov 15, 2024
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as critical, was found in SourceCodester Student Record Management System 1.0. Affected is an unknown function of the file StudentRecordManagementSystem.cpp of the component Number of Students Menu. The manipulation leads to memory…

  • CVE-2024-11247Nov 15, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /oews/classes/Master.php?f=save_product of the component Inventory Page. The manipulation of the…

  • CVE-2024-11214Nov 14, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in SourceCodester Best Employee Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation of the argument website_image leads to unrestricted upload. The attack can be…

  • CVE-2024-11213Nov 14, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /admin/edit_role.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack…

  • CVE-2024-11212Nov 14, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester Best Employee Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/fetch_product_details.php. The manipulation of the argument barcode leads to sql…

  • CVE-2024-11102Nov 12, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Hospital Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /vm/doctor/edit-doc.php. The manipulation of the argument name leads to cross site scripting. The attack…

Page 10 of 34