VYPR

Vendor CVEs

Sourcecodester

All CVEs

1,696 total · sorted by risk
  • CVE-2024-29301Mar 25, 2024
    risk 0.00cvss epss 0.01

    SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection via update-admin.php?admin_id=

  • CVE-2024-24050Mar 20, 2024
    risk 0.00cvss epss 0.00

    Cross Site Scripting (XSS) vulnerability in Sourcecodester Workout Journal App 1.0 allows attackers to run arbitrary code via parameters firstname and lastname in /add-user.php.

  • CVE-2024-2577Mar 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /update-employee.php. The manipulation of the argument admin_id leads to authorization bypass. The attack can be…

  • CVE-2024-2576Mar 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in SourceCodester Employee Task Management System 1.0. This affects an unknown part of the file /update-admin.php. The manipulation of the argument admin_id leads to authorization bypass. It is possible to initiate the…

  • CVE-2024-2575Mar 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester Employee Task Management System 1.0. Affected by this issue is some unknown functionality of the file /task-details.php. The manipulation of the argument task_id leads to authorization bypass.…

  • CVE-2024-2574Mar 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in SourceCodester Employee Task Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit-task.php. The manipulation of the argument task_id leads to authorization bypass. The attack can…

  • CVE-2024-2573Mar 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in SourceCodester Employee Task Management System 1.0. Affected is an unknown function of the file /task-info.php. The manipulation leads to execution after redirect. It is possible to launch the attack remotely. The exploit…

  • CVE-2024-2572Mar 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /task-details.php. The manipulation leads to execution after redirect. The attack may be initiated remotely. The…

  • CVE-2024-2571Mar 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /manage-admin.php. The manipulation leads to execution after redirect. The attack can be initiated remotely. The…

  • CVE-2024-2570Mar 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /edit-task.php. The manipulation leads to execution after redirect. It is possible to initiate the attack remotely. The…

  • CVE-2024-2569Mar 17, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin-manage-user.php. The manipulation leads to execution after redirect. The attack may be launched…

  • CVE-2024-2556Mar 17, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file attendance-info.php. The manipulation of the argument user_id leads to sql injection. It is possible to initiate the…

  • CVE-2024-2555Mar 17, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file update-admin.php. The manipulation of the argument admin_id leads to sql injection. The attack may be…

  • CVE-2024-2554Mar 17, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file update-employee.php. The manipulation of the argument admin_id leads to sql injection. The…

  • CVE-2024-2553Mar 17, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, was found in SourceCodester Product Review Rating System 1.0. Affected is an unknown function of the component Rate Product Handler. The manipulation of the argument Your Name/Comment leads to cross site scripting. It is…

  • CVE-2024-2418Mar 13, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Best POS Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /view_order.php. The manipulation of the argument id leads to sql injection. The attack can be…

  • CVE-2024-2394Mar 12, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Admin/add-admin.php. The manipulation of the argument avatar leads to unrestricted upload. The attack may…

  • CVE-2024-2393Mar 12, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester CRUD without Page Reload 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file add_user.php. The manipulation of the argument city leads to sql injection. The attack can be…

  • CVE-2024-25854Mar 11, 2024
    risk 0.00cvss epss 0.00

    Cross Site Scripting (XSS) vulnerability in Sourcecodester Insurance Management System 1.0 allows attackers to run arbitrary code via the Subject and Description fields when submitting a support ticket.

  • CVE-2024-2332Mar 9, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Online Mobile Management Store 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/maintenance/manage_category.php of the component HTTP GET Request Handler. The manipulation of the…

  • CVE-2024-2331Mar 9, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Tourist Reservation System 1.0. It has been declared as critical. This vulnerability affects the function ad_writedata of the file System.cpp. The manipulation of the argument ad_code leads to buffer overflow. The attack can be…

  • CVE-2023-41014Mar 7, 2024
    risk 0.00cvss epss 0.01

    code-projects.org Online Job Portal 1.0 is vulnerable to SQL Injection via the Username parameter for "Employer."

  • CVE-2024-26492Mar 7, 2024
    risk 0.00cvss epss 0.01

    An issue in Online Diagnostic Lab Management System 1.0 allows a remote attacker to gain control of a 'Staff' user account via a crafted POST request using the id, email, password, and cpass parameters.

  • CVE-2023-41015Mar 7, 2024
    risk 0.00cvss epss 0.00

    code-projects.org Online Job Portal 1.0 is vulnerable to SQL Injection via /Employer/DeleteJob.php?JobId=1.

  • CVE-2023-49976Mar 6, 2024
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the subject parameter at /customer_support/index.php?page=new_ticket.

  • CVE-2023-49974Mar 6, 2024
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the contact parameter at /customer_support/index.php?page=customer_list.

  • CVE-2023-49973Mar 6, 2024
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter at /customer_support/index.php?page=customer_list.

  • CVE-2023-49971Mar 6, 2024
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at /customer_support/index.php?page=customer_list.

  • CVE-2023-49978Mar 6, 2024
    risk 0.00cvss epss 0.01

    Incorrect access control in Customer Support System v1 allows non-administrator users to access administrative pages and execute actions reserved for administrators.

  • CVE-2024-2168Mar 4, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/operations/expense_category.php of the component HTTP POST Request Handler. The manipulation of the…

  • CVE-2024-2156Mar 4, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Best POS Management System 1.0. It has been classified as critical. Affected is an unknown function of the file admin_class.php. The manipulation of the argument img leads to sql injection. It is possible to launch the attack remotely.…

  • CVE-2024-2155Mar 4, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Best POS Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file index.php. The manipulation of the argument page leads to file inclusion. The attack may be initiated remotely. The…

  • CVE-2024-2154Mar 4, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in SourceCodester Online Mobile Management Store 1.0 and classified as critical. This vulnerability affects unknown code of the file view_product.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely.…

  • CVE-2024-2153Mar 4, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in SourceCodester Online Mobile Management Store 1.0. This affects an unknown part of the file /admin/orders/view_order.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the…

  • CVE-2024-2152Mar 4, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester Online Mobile Management Store 1.0. Affected by this issue is some unknown functionality of the file /admin/product/manage_product.php. The manipulation of the argument id leads to sql injection.…

  • CVE-2023-49546Mar 4, 2024
    risk 0.00cvss epss 0.01

    Customer Support System v1 was discovered to contain a SQL injection vulnerability via the email parameter at /customer_support/ajax.php.

  • CVE-2023-49548Mar 4, 2024
    risk 0.00cvss epss 0.01

    Customer Support System v1 was discovered to contain a SQL injection vulnerability via the lastname parameter at /customer_support/ajax.php?action=save_user.

  • CVE-2023-49968Mar 4, 2024
    risk 0.00cvss epss 0.00

    Customer Support System v1 was discovered to contain a SQL injection vulnerability via the id parameter at /customer_support/manage_department.php.

  • CVE-2024-2151Mar 3, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic was found in SourceCodester Online Mobile Management Store 1.0. Affected by this vulnerability is an unknown functionality of the component Product Price Handler. The manipulation of the argument quantity with the input -1 leads to…

  • CVE-2024-2150Mar 3, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester Insurance Management System 1.0. This issue affects some unknown processing. The manipulation of the argument page leads to file inclusion. The attack may be initiated remotely. The exploit has…

  • CVE-2024-2148Mar 3, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in SourceCodester Online Mobile Management Store 1.0. This affects an unknown part of the file /classes/Users.php. The manipulation of the argument img leads to unrestricted upload. It is possible to initiate the attack…

  • CVE-2024-2147Mar 3, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Online Mobile Management Store 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/login.php. The manipulation of the argument username leads to sql injection. The attack may be…

  • CVE-2024-2146Mar 3, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Online Mobile Management Store 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /?p=products. The manipulation of the argument search leads to cross site scripting. The…

  • CVE-2024-2145Mar 3, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Online Mobile Management Store 1.0. It has been classified as problematic. Affected is an unknown function of the file /endpoint/update-tracker.php. The manipulation of the argument firstname leads to cross site scripting. It is…

  • CVE-2024-25551Mar 3, 2024
    risk 0.00cvss epss 0.00

    Cross Site Scripting (XSS) vulnerability in sourcecodester Simple Student Attendance System v1.0 allows attackers to execute arbitrary code via crafted GET request to web application URL.

  • CVE-2024-2077Mar 1, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in SourceCodester Simple Online Bidding System 1.0. This affects an unknown part of the file index.php. The manipulation of the argument category_id leads to sql injection. It is possible to initiate the attack remotely. The…

  • CVE-2024-2075Mar 1, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Daily Habit Tracker 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/update-tracker.php. The manipulation of the argument day leads to cross site scripting. The…

  • CVE-2024-2073Mar 1, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in SourceCodester Block Inserter for Dynamic Content 1.0 and classified as critical. This vulnerability affects unknown code of the file view_post.php. The manipulation of the argument id leads to sql injection. The attack can be initiated…

  • CVE-2024-2072Mar 1, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, was found in SourceCodester Flashcard Quiz App 1.0. This affects an unknown part of the file /endpoint/update-flashcard.php. The manipulation of the argument question/answer leads to cross site scripting. It is possible to…

  • CVE-2024-2071Mar 1, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, has been found in SourceCodester FAQ Management System 1.0. Affected by this issue is some unknown functionality of the component Update FAQ. The manipulation of the argument Frequently Asked Question leads to cross site…

Page 19 of 34