VYPR

Vendor CVEs

Sourcecodester

All CVEs

1,696 total · sorted by risk
  • CVE-2026-6187HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=chk_prod_availability. The manipulation of the argument ID results in sql injection. The attack may be performed from…

  • CVE-2026-5575HigApr 5, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in SourceCodester/jkev Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument Username results in sql injection. The attack may be…

  • CVE-2026-5210HigMar 31, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in SourceCodester Leave Application System 1.0. This affects an unknown part. Performing a manipulation of the argument page results in file inclusion. Remote exploitation of the attack is possible. The exploit is now public and may be used.

  • CVE-2026-5182HigMar 31, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in SourceCodester Teacher Record System 1.0. Impacted is an unknown function of the file Teacher Record System of the component Parameter Handler. Performing a manipulation of the argument searchteacher results in sql injection. It is possible to…

  • CVE-2026-5180HigMar 31, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in SourceCodester Simple Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=login2. This manipulation of the argument email causes sql injection. The attack is possible to be carried out remotely. The…

  • CVE-2026-5179HigMar 31, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in SourceCodester Simple Doctors Appointment System 1.0. This affects an unknown part of the file /admin/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now public and…

  • CVE-2026-4838HigMar 26, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in SourceCodester Malawi Online Market 1.0. The impacted element is an unknown function of the file /display.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been…

  • CVE-2026-4624HigMar 24, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in SourceCodester Online Library Management System 1.0. The impacted element is an unknown function of the file /home.php of the component Parameter Handler. Performing a manipulation of the argument searchField results in sql injection. The attack…

  • CVE-2026-4615HigMar 24, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in SourceCodester Online Catering Reservation 1.0. Impacted is an unknown function of the file /search.php. Such manipulation of the argument rcode leads to sql injection. The attack may be performed from remote. The exploit is publicly available…

  • CVE-2026-3764HigMar 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in SourceCodester Client Database Management System 1.0. The impacted element is an unknown function of the file /superadmin_user_update.php. This manipulation causes improper authorization. The attack can be initiated remotely. The exploit has…

  • CVE-2026-3762HigMar 8, 2026
    risk 0.47cvss 7.3epss 0.01

    A vulnerability has been found in SourceCodester Client Database Management System 1.0/3.1. Impacted is an unknown function of the file /superadmin_delete_manager.php of the component Endpoint. The manipulation of the argument manager_id leads to improper authorization. It is…

  • CVE-2026-3734HigMar 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in SourceCodester Client Database Management System 1.0. Affected is an unknown function of the file /fetch_manager_details.php of the component Endpoint. This manipulation of the argument manager_id causes improper authorization. The attack can be…

  • CVE-2025-13060HigNov 12, 2025
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in SourceCodester Survey Application System 1.0. This affects an unknown function of the file /view_survey.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been…

  • CVE-2025-12929HigNov 10, 2025
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in SourceCodester Survey Application System 1.0. This impacts the function save_user/update_user of the file /LoginRegistration.php. Executing manipulation of the argument fullname can lead to sql injection. The attack may be performed from remote. The…

  • CVE-2025-11055HigSep 27, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in SourceCodester Online Hotel Reservation System 1.0. Affected is an unknown function of the file /admin/updateaddress.php. The manipulation of the argument address results in sql injection. The attack may be launched remotely. The exploit is now…

  • CVE-2025-10789HigSep 22, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in SourceCodester Online Hotel Reservation System 1.0. The impacted element is an unknown function of the file deleteslide.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit…

  • CVE-2025-10788HigSep 22, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in SourceCodester Online Hotel Reservation System 1.0. The affected element is an unknown function of the file deleteroominventory.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The…

  • CVE-2025-10623HigSep 17, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in SourceCodester Hotel Reservation System 1.0. The impacted element is an unknown function of the file deleteuser.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is…

  • CVE-2025-10621HigSep 17, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in SourceCodester Hotel Reservation System 1.0. The affected element is an unknown function of the file editroomimage.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has…

  • CVE-2025-10482HigSep 15, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in SourceCodester Online Student File Management System 1.0. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now…

  • CVE-2025-10479HigSep 15, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in SourceCodester Online Student File Management System 1.0. The impacted element is an unknown function of the file /index.php. Performing manipulation of the argument stud_no results in sql injection. The attack may be initiated remotely.…

  • CVE-2025-9833HigSep 2, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in SourceCodester Online Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /Login/login.php. Performing manipulation of the argument uname results in sql injection. It is possible to initiate the…

  • CVE-2025-9790HigSep 1, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in SourceCodester Hotel Reservation System 1.0. This affects an unknown part of the file /admin/updateabout.php. The manipulation of the argument address results in sql injection. The attack may be launched remotely. The exploit has been…

  • CVE-2025-9789HigSep 1, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in SourceCodester Online Hotel Reservation System 1.0. Affected by this issue is some unknown functionality of the file /admin/edituser.php. The manipulation of the argument userid leads to sql injection. The attack may be initiated remotely. The…

  • CVE-2025-9788HigSep 1, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in SourceCodester/Campcodes School Log Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin_class.php. Executing manipulation of the argument id_no can lead to sql injection. The attack can be…

  • CVE-2025-9771HigSep 1, 2025
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in SourceCodester Eye Clinic Management System 1.0. Affected by this issue is some unknown functionality of the file /main/search_index_Diagnosis.php. Such manipulation of the argument Search leads to sql injection. It is possible to…

  • CVE-2025-9700HigAug 30, 2025
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in SourceCodester Online Book Store 1.0. This issue affects some unknown processing of the file /publisher_list.php. This manipulation of the argument pubid causes sql injection. It is possible to initiate the attack remotely. The exploit has been published…

  • CVE-2025-9473HigAug 26, 2025
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in SourceCodester Online Bank Management System 1.0. This impacts an unknown function of the file /feedback.php. The manipulation of the argument msg leads to sql injection. The attack can be initiated remotely. The exploit has been…

  • CVE-2025-9305HigAug 21, 2025
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in SourceCodester Online Bank Management System 1.0. The affected element is an unknown function of the file /bank/mnotice.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely.…

  • CVE-2025-9304HigAug 21, 2025
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in SourceCodester Online Bank Management System 1.0. Impacted is an unknown function of the file /bank/show.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from a remote location. The exploit…

  • CVE-2025-9022HigAug 15, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in SourceCodester Online Bank Management System up to 1.0. This issue affects some unknown processing of the file /bank/statements.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely.

  • CVE-2025-9021HigAug 15, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in SourceCodester Online Bank Management System up to 1.0. This vulnerability affects unknown code of the file /bank/transfer.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely.

  • CVE-2025-8470HigAug 2, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /admin/deleteroom.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely.…

  • CVE-2025-8469HigAug 2, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability classified as critical has been found in SourceCodester Online Hotel Reservation System 1.0. This affects an unknown part of the file /admin/deletegallery.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack…

  • CVE-2025-6580HigJun 24, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the component Login. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The…

  • CVE-2025-6355HigJun 20, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in SourceCodester Online Hotel Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/execeditroom.php. The manipulation of the argument userid leads to sql injection. The attack can be…

  • CVE-2025-6160HigJun 17, 2025
    risk 0.47cvss 7.3epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /user_customer_create_order.php. The manipulation of the argument user_id leads to sql injection. The…

  • CVE-2024-7219HigJul 30, 2024
    risk 0.47cvss 7.3epss 0.01

    A vulnerability has been found in SourceCodester/Campcodes School Log Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=login. The manipulation of the argument Username leads to sql injection. It is possible to…

  • CVE-2021-36438MedApr 27, 2026
    risk 0.42cvss 6.5epss 0.00

    SQL Injection vulnerability exists in Sourcecodester Online Job Portal phppdo 1.0 ivia the category parameter in /jobportal/index.php.

  • CVE-2024-51430MedOct 31, 2024
    risk 0.42cvss 6.4epss 0.01

    Cross Site Scripting vulnerability in online diagnostic lab management system using php v.1.0 allows a remote attacker to execute arbitrary code via the Test Name parameter on the diagnostic/add-test.php component.

  • CVE-2026-11519MedJun 8, 2026
    risk 0.41cvss 6.3epss 0.00

    A security flaw has been discovered in SourceCodester Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /Product_Inventory/api/users_handler.php of the component Account Creation Handler. The manipulation of the argument ROLE results in…

  • CVE-2026-10876MedJun 5, 2026
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in SourceCodester Ship Ferry Ticket Reservation System 1.0. This affects an unknown function of the file /admin/. This manipulation of the argument page causes improper authorization. Remote exploitation of the attack is possible. The exploit has…

  • CVE-2026-10693MedJun 3, 2026
    risk 0.41cvss 6.3epss 0.00

    A security vulnerability has been detected in SourceCodester Online Boat Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the component Administrative Endpoint. The manipulation leads to improper authorization. The attack can be initiated…

  • CVE-2026-10559MedJun 2, 2026
    risk 0.41cvss 6.3epss 0.00

    A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is an unknown function of the file /index.php. Executing a manipulation of the argument page can lead to file inclusion. The attack may be performed from remote. The exploit has been…

  • CVE-2026-10558MedJun 2, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is an unknown function of the file /admin/index.php. Performing a manipulation of the argument page results in file inclusion. The attack is possible to be carried out remotely. The exploit is…

  • CVE-2026-9445MedMay 25, 2026
    risk 0.41cvss 6.3epss 0.00

    A flaw has been found in SourceCodester Simple POS and Inventory System 1.0. Impacted is an unknown function of the file /admin/addproduct.php of the component File Extension Handler. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the…

  • CVE-2026-9412MedMay 25, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was determined in SourceCodester Indian Invoicing System 1.0. Impacted is an unknown function of the component Backend Endpoint. Executing a manipulation can lead to improper access controls. The attack can be launched remotely. The exploit has been publicly…

  • CVE-2026-9411MedMay 25, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in SourceCodester Indian Invoicing System 1.0. This issue affects some unknown processing of the file /Invoicing/IGST_Invoice.php of the component Invoice Generation Handler. Performing a manipulation of the argument customer_name/category results in…

  • CVE-2026-9342MedMay 23, 2026
    risk 0.41cvss 6.3epss 0.00

    A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. Impacted is an unknown function of the file /admin/patients/view_history.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely.…

  • CVE-2026-7410MedApr 29, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=add_to_cart. The manipulation of the argument pid leads to sql injection. The attack may be initiated remotely. The exploit…

Page 2 of 34