Vendor CVEs
Sourcecodester
All CVEs
1,696 total · sorted by risk

| CVE | Risk | CVSS | EPSS | Published | Description | Vendor / Product | Sev | KEV |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-5813 | 0.00 | — | 0.00 | Oct 27, 2023 | A vulnerability was found in SourceCodester Task Reminder System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=delete_reminder. The manipulation of the argument id leads to sql injection. The attack may be… | |||
| CVE-2023-5805 | 0.00 | — | 0.01 | Oct 26, 2023 | A vulnerability was found in SourceCodester Simple Real Estate Portal System 1.0. It has been classified as critical. Affected is an unknown function of the file view_estate.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack… | |||
| CVE-2023-46435 | 0.00 | — | 0.01 | Oct 26, 2023 | Sourcecodester Packers and Movers Management System v1.0 is vulnerable to SQL Injection via mpms/?p=services/view_service&id. | |||
| CVE-2023-46450 | 0.00 | — | 0.00 | Oct 26, 2023 | Sourcecodester Free and Open Source inventory management system 1.0 is vulnerable to Cross Site Scripting (XSS) via the Add supplier function. | |||
| CVE-2023-46449 | 0.00 | — | 0.01 | Oct 26, 2023 | Sourcecodester Free and Open Source inventory management system v1.0 is vulnerable to Incorrect Access Control. An arbitrary user can change the password of another user and takeover the account via IDOR in the password change function. | |||
| CVE-2023-5589 | 0.00 | — | 0.01 | Oct 15, 2023 | A vulnerability was found in SourceCodester Judging Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument password leads to sql injection. The attack can be initiated remotely. The… | |||
| CVE-2023-5587 | 0.00 | — | 0.01 | Oct 15, 2023 | A vulnerability was found in SourceCodester Free Hospital Management System for Small Practices 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /vm/admin/doctors.php of the component Parameter Handler. The manipulation of the… | |||
| CVE-2023-5585 | 0.00 | — | 0.00 | Oct 14, 2023 | A vulnerability was found in SourceCodester Online Motorcycle Rental System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/?page=bike of the component Bike List. The manipulation of the argument Model with the input… | |||
| CVE-2023-5581 | 0.00 | — | 0.01 | Oct 14, 2023 | A vulnerability classified as problematic was found in SourceCodester Medicine Tracker System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument page leads to cross site scripting. The attack can be initiated remotely. The… | |||
| CVE-2023-5580 | 0.00 | — | 0.01 | Oct 14, 2023 | A vulnerability classified as critical has been found in SourceCodester Library System 1.0. This affects an unknown part of the file index.php. The manipulation of the argument category leads to sql injection. It is possible to initiate the attack remotely. The exploit has been… | |||
| CVE-2023-5374 | 0.00 | — | 0.01 | Oct 4, 2023 | A vulnerability classified as critical was found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this vulnerability is an unknown functionality of the file products.php. The manipulation of the argument c leads to sql injection. The attack can be launched… | |||
| CVE-2023-5373 | 0.00 | — | 0.01 | Oct 4, 2023 | A vulnerability classified as critical has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected is the function register of the file Master.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely.… | |||
| CVE-2023-5302 | 0.00 | — | 0.01 | Sep 30, 2023 | A vulnerability, which was classified as problematic, has been found in SourceCodester Best Courier Management System 1.0. This issue affects some unknown processing of the component Manage Account Page. The manipulation of the argument First Name leads to cross site scripting.… | |||
| CVE-2023-5286 | 0.00 | — | 0.00 | Sep 29, 2023 | A vulnerability, which was classified as problematic, has been found in SourceCodester Expense Tracker App v1. Affected by this issue is some unknown functionality of the file add_category.php of the component Category Handler. The manipulation of the argument category_name… | |||
| CVE-2023-5273 | 0.00 | — | 0.01 | Sep 29, 2023 | A vulnerability classified as problematic was found in SourceCodester Best Courier Management System 1.0. This vulnerability affects unknown code of the file manage_parcel_status.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated… | |||
| CVE-2023-5272 | 0.00 | — | 0.01 | Sep 29, 2023 | A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. This affects an unknown part of the file edit_parcel.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The exploit… | |||
| CVE-2023-5271 | 0.00 | — | 0.01 | Sep 29, 2023 | A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file edit_parcel.php. The manipulation of the argument email leads to sql injection. The exploit has been… | |||
| CVE-2023-5270 | 0.00 | — | 0.01 | Sep 29, 2023 | A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view_parcel.php. The manipulation of the argument id leads to sql injection. The exploit has… | |||
| CVE-2023-5269 | 0.00 | — | 0.01 | Sep 29, 2023 | A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been classified as critical. Affected is an unknown function of the file parcel_list.php of the component GET Parameter Handler. The manipulation of the argument id/s leads to sql injection.… | |||
| CVE-2023-43944 | 0.00 | — | 0.00 | Sep 29, 2023 | A Stored Cross Site Scripting (XSS) vulnerability was found in SourceCodester Task Management System 1.0. It allows attackers to execute arbitrary code via parameter field in index.php?page=project_list. | |||
| CVE-2023-30415 | 0.00 | — | 0.01 | Sep 28, 2023 | Sourcecodester Packers and Movers Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /inquiries/view_inquiry.php. | |||
| CVE-2023-44047 | 0.00 | — | 0.01 | Sep 27, 2023 | Sourcecodester Toll Tax Management System v1 is vulnerable to SQL Injection. | |||
| CVE-2023-44048 | 0.00 | — | 0.00 | Sep 27, 2023 | Sourcecodester Expense Tracker App v1 is vulnerable to Cross Site Scripting (XSS) via add category. | |||
| CVE-2023-43469 | 0.00 | — | 0.01 | Sep 22, 2023 | SQL injection vulnerability in janobe Online Job Portal v.2020 allows a remote attacker to execute arbitrary code via the ForPass.php component. | |||
| CVE-2023-43468 | 0.00 | — | 0.01 | Sep 22, 2023 | SQL injection vulnerability in janobe Online Job Portal v.2020 allows a remote attacker to execute arbitrary code via the login.php component. | |||
| CVE-2023-40945 | 0.00 | — | 0.01 | Sep 11, 2023 | Sourcecodester Doctor Appointment System 1.0 is vulnerable to SQL Injection in the variable $userid at doctors\myDetails.php. | |||
| CVE-2023-4866 | 0.00 | — | 0.01 | Sep 9, 2023 | A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical. This issue affects the function exec of the file booking.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely.… | |||
| CVE-2023-4865 | 0.00 | — | 0.00 | Sep 9, 2023 | A vulnerability has been found in SourceCodester Take-Note App 1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and… | |||
| CVE-2023-4864 | 0.00 | — | 0.01 | Sep 9, 2023 | A vulnerability, which was classified as problematic, was found in SourceCodester Take-Note App 1.0. This affects an unknown part of the file index.php. The manipulation of the argument noteContent with the input leads to cross site scripting. It is… | |||
| CVE-2023-4848 | 0.00 | — | 0.01 | Sep 9, 2023 | A vulnerability classified as critical was found in SourceCodester Simple Book Catalog App 1.0. Affected by this vulnerability is an unknown functionality of the file delete_book.php. The manipulation of the argument delete leads to sql injection. The attack can be launched… | |||
| CVE-2023-4847 | 0.00 | — | 0.01 | Sep 9, 2023 | A vulnerability classified as problematic has been found in SourceCodester Simple Book Catalog App 1.0. Affected is an unknown function of the component Update Book Form. The manipulation of the argument book_title/book_author leads to cross site scripting. It is possible to… | |||
| CVE-2023-39712 | 0.00 | — | 0.01 | Sep 8, 2023 | Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Put section. | |||
| CVE-2023-4749 | 0.00 | — | 0.01 | Sep 4, 2023 | A vulnerability, which was classified as critical, was found in SourceCodester Inventory Management System 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument page leads to file inclusion. It is possible to launch the attack remotely. The… | |||
| CVE-2023-39714 | 0.00 | — | 0.01 | Sep 1, 2023 | Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Member section. | |||
| CVE-2023-39710 | 0.00 | — | 0.01 | Sep 1, 2023 | Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Customer section. | |||
| CVE-2023-39709 | 0.00 | — | 0.01 | Aug 28, 2023 | Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Member section. | |||
| CVE-2023-39708 | 0.00 | — | 0.01 | Aug 28, 2023 | A stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add New parameter under the New Buy section. | |||
| CVE-2023-40760 | 0.00 | — | 0.01 | Aug 28, 2023 | User enumeration is found in PHP Jabbers Hotel Booking System v4.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. | |||
| CVE-2023-4558 | 0.00 | — | 0.01 | Aug 27, 2023 | A vulnerability classified as critical was found in SourceCodester Inventory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file staff_data.php. The manipulation of the argument columns[0][data] leads to sql injection. The attack can be… | |||
| CVE-2023-4557 | 0.00 | — | 0.01 | Aug 27, 2023 | A vulnerability classified as critical has been found in SourceCodester Inventory Management System 1.0. Affected is an unknown function of the file app/ajax/search_purchase_paymen_report.php. The manipulation of the argument customer leads to sql injection. It is possible to… | |||
| CVE-2023-4556 | 0.00 | — | 0.01 | Aug 27, 2023 | A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical. Affected by this issue is the function mysqli_query of the file sexit.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely.… | |||
| CVE-2023-4555 | 0.00 | — | 0.00 | Aug 27, 2023 | A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file suppliar_data.php. The manipulation of the argument name/company leads to cross site scripting.… | |||
| CVE-2023-39707 | 0.00 | — | 0.01 | Aug 25, 2023 | A stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add Expense parameter under the Expense section. | |||
| CVE-2023-4449 | 0.00 | — | 0.01 | Aug 21, 2023 | A vulnerability was found in SourceCodester Free and Open Source Inventory Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /index.php?page=member. The manipulation of the argument columns[0][data] leads to sql injection. It… | |||
| CVE-2023-4444 | 0.00 | — | 0.01 | Aug 21, 2023 | A vulnerability classified as critical was found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected by this vulnerability is an unknown functionality of the file vm\patient\edit-user.php. The manipulation of the argument… | |||
| CVE-2023-4443 | 0.00 | — | 0.01 | Aug 21, 2023 | A vulnerability classified as critical has been found in SourceCodester Free Hospital Management System for Small Practices 1.0/5.0.12. Affected is an unknown function of the file vm\doctor\edit-doc.php. The manipulation of the argument id00/nic/oldemail/email/spec/Tele leads to… | |||
| CVE-2023-4442 | 0.00 | — | 0.01 | Aug 21, 2023 | A vulnerability was found in SourceCodester Free Hospital Management System for Small Practices 1.0. It has been rated as critical. This issue affects some unknown processing of the file \vm\patient\booking-complete.php. The manipulation of the argument userid/apponum/scheduleid… | |||
| CVE-2023-4441 | 0.00 | — | 0.00 | Aug 20, 2023 | A vulnerability was found in SourceCodester Free Hospital Management System for Small Practices 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /patient/appointment.php. The manipulation of the argument sheduledate leads to sql… | |||
| CVE-2023-4440 | 0.00 | — | 0.01 | Aug 20, 2023 | A vulnerability was found in SourceCodester Free Hospital Management System for Small Practices 1.0. It has been classified as critical. This affects an unknown part of the file appointment.php. The manipulation of the argument sheduledate leads to sql injection. It is possible… | |||
| CVE-2023-4439 | 0.00 | — | 0.00 | Aug 20, 2023 | A vulnerability was found in SourceCodester Card Holder Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Minus Value Handler. The manipulation leads to improper validation of specified quantity in input.… |