Vendor CVEs
Sourcecodester
All CVEs
1,696 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-2070 | 0.00 | — | 0.01 | Mar 1, 2024 | A vulnerability classified as problematic was found in SourceCodester FAQ Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-faq.php. The manipulation of the argument question/answer leads to cross site scripting. The… | |||
| CVE-2024-2069 | 0.00 | — | 0.01 | Mar 1, 2024 | A vulnerability classified as critical has been found in SourceCodester FAQ Management System 1.0. Affected is an unknown function of the file /endpoint/delete-faq.php. The manipulation of the argument faq leads to sql injection. It is possible to launch the attack remotely. The… | |||
| CVE-2024-2068 | 0.00 | — | 0.03 | Mar 1, 2024 | A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /endpoint/update-computer.php. The manipulation of the argument model leads to cross site scripting. The attack may… | |||
| CVE-2024-2067 | 0.00 | — | 0.00 | Mar 1, 2024 | A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-computer.php. The manipulation of the argument computer leads to sql injection. The attack can be… | |||
| CVE-2024-2066 | 0.00 | — | 0.00 | Mar 1, 2024 | A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-computer.php. The manipulation of the argument model leads to cross site scripting. It is possible to initiate… | |||
| CVE-2024-2065 | 0.00 | — | 0.00 | Mar 1, 2024 | A vulnerability was found in SourceCodester Barangay Population Monitoring System up to 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /endpoint/update-resident.php. The manipulation of the argument full_name leads to cross… | |||
| CVE-2024-2063 | 0.00 | — | 0.00 | Mar 1, 2024 | A vulnerability, which was classified as problematic, was found in SourceCodester Petrol Pump Management Software 1.0. Affected is an unknown function of the file /admin/app/profile_crud.php. The manipulation of the argument username leads to cross site scripting. It is possible… | |||
| CVE-2024-2062 | 0.00 | — | 0.01 | Mar 1, 2024 | A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. This issue affects some unknown processing of the file /admin/edit_categories.php. The manipulation of the argument id leads to sql injection. The attack may… | |||
| CVE-2024-2061 | 0.00 | — | 0.01 | Mar 1, 2024 | A vulnerability classified as critical was found in SourceCodester Petrol Pump Management Software 1.0. This vulnerability affects unknown code of the file /admin/edit_supplier.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely.… | |||
| CVE-2024-2060 | 0.00 | — | 0.01 | Mar 1, 2024 | A vulnerability classified as critical has been found in SourceCodester Petrol Pump Management Software 1.0. This affects an unknown part of the file /admin/app/login_crud.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack… | |||
| CVE-2024-2059 | 0.00 | — | 0.01 | Mar 1, 2024 | A vulnerability was found in SourceCodester Petrol Pump Management Software 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/app/service_crud.php. The manipulation of the argument photo leads to unrestricted upload. The… | |||
| CVE-2024-2058 | 0.00 | — | 0.01 | Mar 1, 2024 | A vulnerability was found in SourceCodester Petrol Pump Management Software 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/app/product.php. The manipulation of the argument photo leads to unrestricted upload.… | |||
| CVE-2024-25239 | 0.00 | — | 0.01 | Feb 29, 2024 | SQL Injection vulnerability in Sourcecodester Employee Management System v1.0 allows attackers to run arbitrary SQL commands via crafted POST request to /emloyee_akpoly/Account/login.php. | |||
| CVE-2024-1972 | 0.00 | — | 0.00 | Feb 28, 2024 | A vulnerability was found in SourceCodester Online Job Portal 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /Employer/EditProfile.php. The manipulation of the argument Address leads to cross site scripting. The attack may be… | |||
| CVE-2024-1970 | 0.00 | — | 0.01 | Feb 28, 2024 | A vulnerability, which was classified as problematic, was found in SourceCodester Online Learning System V2 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument page leads to cross site scripting. It is possible to launch the attack… | |||
| CVE-2024-1926 | 0.00 | — | 0.01 | Feb 27, 2024 | A vulnerability was found in SourceCodester Free and Open Source Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /app/ajax/search_sales_report.php. The manipulation of the argument customer leads to sql… | |||
| CVE-2024-1923 | 0.00 | — | 0.01 | Feb 27, 2024 | A vulnerability was found in SourceCodester Simple Student Attendance System 1.0 and classified as critical. Affected by this issue is the function delete_class/delete_student of the file /ajax-api.php of the component List of Classes Page. The manipulation of the argument id… | |||
| CVE-2024-1922 | 0.00 | — | 0.01 | Feb 27, 2024 | A vulnerability has been found in SourceCodester Online Job Portal 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /Employer/ManageJob.php of the component Manage Job Page. The manipulation of the argument… | |||
| CVE-2024-1919 | 0.00 | — | 0.01 | Feb 27, 2024 | A vulnerability classified as problematic was found in SourceCodester Online Job Portal 1.0. This vulnerability affects unknown code of the file /Employer/ManageWalkin.php of the component Manage Walkin Page. The manipulation of the argument Job Title leads to cross site… | |||
| CVE-2024-1878 | 0.00 | — | 0.01 | Feb 26, 2024 | A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /myprofile.php. The manipulation of the argument id with the input 1%20or%201=1 leads to sql injection. The… | |||
| CVE-2024-1877 | 0.00 | — | 0.01 | Feb 26, 2024 | A vulnerability was found in SourceCodester Employee Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /cancel.php. The manipulation of the argument id with the input 1%20or%201=1 leads to sql… | |||
| CVE-2024-1876 | 0.00 | — | 0.01 | Feb 26, 2024 | A vulnerability was found in SourceCodester Employee Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /psubmit.php. The manipulation of the argument pid with the input '+or+1%3d1%23 leads to sql injection. It is possible to… | |||
| CVE-2024-1875 | 0.00 | — | 0.01 | Feb 25, 2024 | A vulnerability was found in SourceCodester Complaint Management System 1.0 and classified as critical. This issue affects some unknown processing of the file users/register-complaint.php of the component Lodge Complaint Section. The manipulation leads to unrestricted upload.… | |||
| CVE-2024-1871 | 0.00 | — | 0.01 | Feb 24, 2024 | A vulnerability, which was classified as problematic, was found in SourceCodester Employee Management System 1.0. Affected is an unknown function of the file /process/assignp.php of the component Project Assignment Report. The manipulation of the argument pname leads to cross… | |||
| CVE-2024-1834 | 0.00 | — | 0.01 | Feb 23, 2024 | A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been classified as problematic. This affects an unknown part of the file ?page=attendance&class_id=1. The manipulation of the argument class_date with the input… | |||
| CVE-2024-1833 | 0.00 | — | 0.01 | Feb 23, 2024 | A vulnerability was found in SourceCodester Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /Account/login.php. The manipulation of the argument txtusername/txtphone leads to sql injection. The attack… | |||
| CVE-2024-1832 | 0.00 | — | 0.01 | Feb 23, 2024 | A vulnerability has been found in SourceCodester Complete File Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/ of the component Admin Login Form. The manipulation of the argument username with the… | |||
| CVE-2024-1831 | 0.00 | — | 0.01 | Feb 23, 2024 | A vulnerability, which was classified as critical, was found in SourceCodester Complete File Management System 1.0. Affected is an unknown function of the file users/index.php of the component Login Form. The manipulation of the argument username with the input… | |||
| CVE-2024-25302 | 0.00 | — | 0.01 | Feb 9, 2024 | Sourcecodester Event Student Attendance System 1.0, allows SQL Injection via the 'student' parameter. | |||
| CVE-2024-1269 | 0.00 | — | 0.01 | Feb 7, 2024 | A vulnerability has been found in SourceCodester Product Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /supplier.php. The manipulation of the argument supplier_name/supplier_contact leads to cross site scripting. The… | |||
| CVE-2024-1215 | 0.00 | — | 0.01 | Feb 3, 2024 | A vulnerability was found in SourceCodester CRUD without Page Reload 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file fetch_data.php. The manipulation of the argument username/city leads to cross site scripting. The attack… | |||
| CVE-2024-1197 | 0.00 | — | 0.01 | Feb 2, 2024 | A vulnerability, which was classified as critical, has been found in SourceCodester Testimonial Page Manager 1.0. This issue affects some unknown processing of the file delete-testimonial.php of the component HTTP GET Request Handler. The manipulation of the argument testimony… | |||
| CVE-2024-1196 | 0.00 | — | 0.00 | Feb 2, 2024 | A vulnerability classified as problematic was found in SourceCodester Testimonial Page Manager 1.0. This vulnerability affects unknown code of the file add-testimonial.php of the component HTTP POST Request Handler. The manipulation of the argument name/description/testimony… | |||
| CVE-2024-1111 | 0.00 | — | 0.00 | Jan 31, 2024 | A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross site scripting. The attack may… | |||
| CVE-2024-1028 | 0.00 | — | 0.00 | Jan 30, 2024 | A vulnerability has been found in SourceCodester Facebook News Feed Like 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Post Handler. The manipulation of the argument Description with the input… | |||
| CVE-2024-1027 | 0.00 | — | 0.00 | Jan 30, 2024 | A vulnerability, which was classified as critical, was found in SourceCodester Facebook News Feed Like 1.0. Affected is an unknown function of the component Post Handler. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The identifier… | |||
| CVE-2024-1024 | 0.00 | — | 0.00 | Jan 30, 2024 | A vulnerability has been found in SourceCodester Facebook News Feed Like 1.0 and classified as problematic. This vulnerability affects unknown code of the component New Account Handler. The manipulation of the argument First Name/Last Name with the input… | |||
| CVE-2024-1011 | 0.00 | — | 0.01 | Jan 29, 2024 | A vulnerability classified as problematic was found in SourceCodester Employee Management System 1.0. This vulnerability affects unknown code of the file delete-leave.php of the component Leave Handler. The manipulation of the argument id leads to improper access controls. The… | |||
| CVE-2024-1010 | 0.00 | — | 0.01 | Jan 29, 2024 | A vulnerability classified as problematic has been found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file edit-profile.php. The manipulation of the argument fullname/phone/date of birth/address/date of appointment leads to cross site… | |||
| CVE-2024-1009 | 0.00 | — | 0.01 | Jan 29, 2024 | A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Admin/login.php. The manipulation of the argument txtusername leads to sql injection. The attack may be… | |||
| CVE-2024-1008 | 0.00 | — | 0.01 | Jan 29, 2024 | A vulnerability was found in SourceCodester Employee Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file edit-photo.php of the component Profile Page. The manipulation leads to unrestricted upload. The… | |||
| CVE-2024-1007 | 0.00 | — | 0.01 | Jan 29, 2024 | A vulnerability was found in SourceCodester Employee Management System 1.0. It has been classified as critical. Affected is an unknown function of the file edit_profile.php. The manipulation of the argument txtfullname leads to sql injection. It is possible to launch the attack… | |||
| CVE-2024-24136 | 0.00 | — | 0.01 | Jan 29, 2024 | The 'Your Name' field in the Submit Score section of Sourcecodester Math Game with Leaderboard v1.0 is vulnerable to Cross-Site Scripting (XSS) attacks. | |||
| CVE-2024-24140 | 0.00 | — | 0.01 | Jan 29, 2024 | Sourcecodester Daily Habit Tracker App 1.0 allows SQL Injection via the parameter 'tracker.' | |||
| CVE-2024-24134 | 0.00 | — | 0.01 | Jan 29, 2024 | Sourcecodester Online Food Menu 1.0 is vulnerable to Cross Site Scripting (XSS) via the 'Menu Name' and 'Description' fields in the Update Menu section. | |||
| CVE-2024-24135 | 0.00 | — | 0.01 | Jan 29, 2024 | Product Name and Product Code in the 'Add Product' section of Sourcecodester Product Inventory with Export to Excel 1.0 are vulnerable to XSS attacks. | |||
| CVE-2024-0884 | 0.00 | — | 0.01 | Jan 25, 2024 | A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. This issue affects the function exec of the file payment.php. The manipulation of the argument id leads to sql injection. The attack may be initiated… | |||
| CVE-2024-0883 | 0.00 | — | 0.01 | Jan 25, 2024 | A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been declared as critical. This vulnerability affects the function prepare of the file admin/pay.php. The manipulation of the argument id leads to sql injection. The attack can be… | |||
| CVE-2024-0735 | 0.00 | — | 0.01 | Jan 19, 2024 | A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. Affected by this issue is the function exec of the file admin/operations/expense.php. The manipulation leads to sql injection. The attack may be launched… | |||
| CVE-2024-0504 | 0.00 | — | 0.01 | Jan 13, 2024 | A vulnerability has been found in code-projects Simple Online Hotel Reservation System 1.0 and classified as problematic. This vulnerability affects unknown code of the file add_reserve.php of the component Make a Reservation Page. The manipulation of the argument… |
- CVE-2024-2070Mar 1, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as problematic was found in SourceCodester FAQ Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-faq.php. The manipulation of the argument question/answer leads to cross site scripting. The…
- CVE-2024-2069Mar 1, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in SourceCodester FAQ Management System 1.0. Affected is an unknown function of the file /endpoint/delete-faq.php. The manipulation of the argument faq leads to sql injection. It is possible to launch the attack remotely. The…
- CVE-2024-2068Mar 1, 2024risk 0.00cvss —epss 0.03
A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /endpoint/update-computer.php. The manipulation of the argument model leads to cross site scripting. The attack may…
- CVE-2024-2067Mar 1, 2024risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-computer.php. The manipulation of the argument computer leads to sql injection. The attack can be…
- CVE-2024-2066Mar 1, 2024risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-computer.php. The manipulation of the argument model leads to cross site scripting. It is possible to initiate…
- CVE-2024-2065Mar 1, 2024risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Barangay Population Monitoring System up to 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /endpoint/update-resident.php. The manipulation of the argument full_name leads to cross…
- CVE-2024-2063Mar 1, 2024risk 0.00cvss —epss 0.00
A vulnerability, which was classified as problematic, was found in SourceCodester Petrol Pump Management Software 1.0. Affected is an unknown function of the file /admin/app/profile_crud.php. The manipulation of the argument username leads to cross site scripting. It is possible…
- CVE-2024-2062Mar 1, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. This issue affects some unknown processing of the file /admin/edit_categories.php. The manipulation of the argument id leads to sql injection. The attack may…
- CVE-2024-2061Mar 1, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in SourceCodester Petrol Pump Management Software 1.0. This vulnerability affects unknown code of the file /admin/edit_supplier.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely.…
- CVE-2024-2060Mar 1, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in SourceCodester Petrol Pump Management Software 1.0. This affects an unknown part of the file /admin/app/login_crud.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack…
- CVE-2024-2059Mar 1, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Petrol Pump Management Software 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/app/service_crud.php. The manipulation of the argument photo leads to unrestricted upload. The…
- CVE-2024-2058Mar 1, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Petrol Pump Management Software 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/app/product.php. The manipulation of the argument photo leads to unrestricted upload.…
- CVE-2024-25239Feb 29, 2024risk 0.00cvss —epss 0.01
SQL Injection vulnerability in Sourcecodester Employee Management System v1.0 allows attackers to run arbitrary SQL commands via crafted POST request to /emloyee_akpoly/Account/login.php.
- CVE-2024-1972Feb 28, 2024risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Online Job Portal 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /Employer/EditProfile.php. The manipulation of the argument Address leads to cross site scripting. The attack may be…
- CVE-2024-1970Feb 28, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as problematic, was found in SourceCodester Online Learning System V2 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument page leads to cross site scripting. It is possible to launch the attack…
- CVE-2024-1926Feb 27, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Free and Open Source Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /app/ajax/search_sales_report.php. The manipulation of the argument customer leads to sql…
- CVE-2024-1923Feb 27, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Simple Student Attendance System 1.0 and classified as critical. Affected by this issue is the function delete_class/delete_student of the file /ajax-api.php of the component List of Classes Page. The manipulation of the argument id…
- CVE-2024-1922Feb 27, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in SourceCodester Online Job Portal 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /Employer/ManageJob.php of the component Manage Job Page. The manipulation of the argument…
- CVE-2024-1919Feb 27, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as problematic was found in SourceCodester Online Job Portal 1.0. This vulnerability affects unknown code of the file /Employer/ManageWalkin.php of the component Manage Walkin Page. The manipulation of the argument Job Title leads to cross site…
- CVE-2024-1878Feb 26, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /myprofile.php. The manipulation of the argument id with the input 1%20or%201=1 leads to sql injection. The…
- CVE-2024-1877Feb 26, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /cancel.php. The manipulation of the argument id with the input 1%20or%201=1 leads to sql…
- CVE-2024-1876Feb 26, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /psubmit.php. The manipulation of the argument pid with the input '+or+1%3d1%23 leads to sql injection. It is possible to…
- CVE-2024-1875Feb 25, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Complaint Management System 1.0 and classified as critical. This issue affects some unknown processing of the file users/register-complaint.php of the component Lodge Complaint Section. The manipulation leads to unrestricted upload.…
- CVE-2024-1871Feb 24, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as problematic, was found in SourceCodester Employee Management System 1.0. Affected is an unknown function of the file /process/assignp.php of the component Project Assignment Report. The manipulation of the argument pname leads to cross…
- CVE-2024-1834Feb 23, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been classified as problematic. This affects an unknown part of the file ?page=attendance&class_id=1. The manipulation of the argument class_date with the input…
- CVE-2024-1833Feb 23, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /Account/login.php. The manipulation of the argument txtusername/txtphone leads to sql injection. The attack…
- CVE-2024-1832Feb 23, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in SourceCodester Complete File Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/ of the component Admin Login Form. The manipulation of the argument username with the…
- CVE-2024-1831Feb 23, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, was found in SourceCodester Complete File Management System 1.0. Affected is an unknown function of the file users/index.php of the component Login Form. The manipulation of the argument username with the input…
- CVE-2024-25302Feb 9, 2024risk 0.00cvss —epss 0.01
Sourcecodester Event Student Attendance System 1.0, allows SQL Injection via the 'student' parameter.
- CVE-2024-1269Feb 7, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in SourceCodester Product Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /supplier.php. The manipulation of the argument supplier_name/supplier_contact leads to cross site scripting. The…
- CVE-2024-1215Feb 3, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester CRUD without Page Reload 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file fetch_data.php. The manipulation of the argument username/city leads to cross site scripting. The attack…
- CVE-2024-1197Feb 2, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, has been found in SourceCodester Testimonial Page Manager 1.0. This issue affects some unknown processing of the file delete-testimonial.php of the component HTTP GET Request Handler. The manipulation of the argument testimony…
- CVE-2024-1196Feb 2, 2024risk 0.00cvss —epss 0.00
A vulnerability classified as problematic was found in SourceCodester Testimonial Page Manager 1.0. This vulnerability affects unknown code of the file add-testimonial.php of the component HTTP POST Request Handler. The manipulation of the argument name/description/testimony…
- CVE-2024-1111Jan 31, 2024risk 0.00cvss —epss 0.00
A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross site scripting. The attack may…
- CVE-2024-1028Jan 30, 2024risk 0.00cvss —epss 0.00
A vulnerability has been found in SourceCodester Facebook News Feed Like 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Post Handler. The manipulation of the argument Description with the input…
- CVE-2024-1027Jan 30, 2024risk 0.00cvss —epss 0.00
A vulnerability, which was classified as critical, was found in SourceCodester Facebook News Feed Like 1.0. Affected is an unknown function of the component Post Handler. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The identifier…
- CVE-2024-1024Jan 30, 2024risk 0.00cvss —epss 0.00
A vulnerability has been found in SourceCodester Facebook News Feed Like 1.0 and classified as problematic. This vulnerability affects unknown code of the component New Account Handler. The manipulation of the argument First Name/Last Name with the input…
- CVE-2024-1011Jan 29, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as problematic was found in SourceCodester Employee Management System 1.0. This vulnerability affects unknown code of the file delete-leave.php of the component Leave Handler. The manipulation of the argument id leads to improper access controls. The…
- CVE-2024-1010Jan 29, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as problematic has been found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file edit-profile.php. The manipulation of the argument fullname/phone/date of birth/address/date of appointment leads to cross site…
- CVE-2024-1009Jan 29, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Admin/login.php. The manipulation of the argument txtusername leads to sql injection. The attack may be…
- CVE-2024-1008Jan 29, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file edit-photo.php of the component Profile Page. The manipulation leads to unrestricted upload. The…
- CVE-2024-1007Jan 29, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been classified as critical. Affected is an unknown function of the file edit_profile.php. The manipulation of the argument txtfullname leads to sql injection. It is possible to launch the attack…
- CVE-2024-24136Jan 29, 2024risk 0.00cvss —epss 0.01
The 'Your Name' field in the Submit Score section of Sourcecodester Math Game with Leaderboard v1.0 is vulnerable to Cross-Site Scripting (XSS) attacks.
- CVE-2024-24140Jan 29, 2024risk 0.00cvss —epss 0.01
Sourcecodester Daily Habit Tracker App 1.0 allows SQL Injection via the parameter 'tracker.'
- CVE-2024-24134Jan 29, 2024risk 0.00cvss —epss 0.01
Sourcecodester Online Food Menu 1.0 is vulnerable to Cross Site Scripting (XSS) via the 'Menu Name' and 'Description' fields in the Update Menu section.
- CVE-2024-24135Jan 29, 2024risk 0.00cvss —epss 0.01
Product Name and Product Code in the 'Add Product' section of Sourcecodester Product Inventory with Export to Excel 1.0 are vulnerable to XSS attacks.
- CVE-2024-0884Jan 25, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. This issue affects the function exec of the file payment.php. The manipulation of the argument id leads to sql injection. The attack may be initiated…
- CVE-2024-0883Jan 25, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been declared as critical. This vulnerability affects the function prepare of the file admin/pay.php. The manipulation of the argument id leads to sql injection. The attack can be…
- CVE-2024-0735Jan 19, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. Affected by this issue is the function exec of the file admin/operations/expense.php. The manipulation leads to sql injection. The attack may be launched…
- CVE-2024-0504Jan 13, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in code-projects Simple Online Hotel Reservation System 1.0 and classified as problematic. This vulnerability affects unknown code of the file add_reserve.php of the component Make a Reservation Page. The manipulation of the argument…
Page 20 of 34