VYPR

Vendor CVEs

Sourcecodester

All CVEs

1,696 total · sorted by risk
  • CVE-2023-4438Aug 20, 2023
    risk 0.00cvss epss 0.01

    A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file app/ajax/search_sales_report.php. The manipulation of the argument customer leads to sql injection.…

  • CVE-2023-4437Aug 20, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in SourceCodester Inventory Management System 1.0. Affected is an unknown function of the file app/ajax/search_sell_paymen_report.php. The manipulation of the argument customer leads to sql injection. It is possible to…

  • CVE-2023-4436Aug 20, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester Inventory Management System 1.0. This issue affects some unknown processing of the file app/action/edit_update.php. The manipulation of the argument user_id leads to sql injection. The attack may…

  • CVE-2023-4219Aug 8, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument useremail leads to sql injection. The attack can be…

  • CVE-2023-36136Aug 8, 2023
    risk 0.00cvss epss 0.00

    PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user account (update user page) allowing an attacker to capture all user names and passwords in clear text.

  • CVE-2023-4201Aug 7, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file ex_catagory_data.php. The manipulation of the argument columns[1][data] leads to sql injection. The attack may be…

  • CVE-2023-4200Aug 7, 2023
    risk 0.00cvss epss 0.01

    A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file product_data.php.. The manipulation of the argument columns[1][data] leads to sql injection. The attack can be…

  • CVE-2023-4199Aug 7, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in SourceCodester Inventory Management System 1.0. This affects an unknown part of the file catagory_data.php. The manipulation of the argument columns[1][data] leads to sql injection. It is possible to initiate the…

  • CVE-2023-4193Aug 7, 2023
    risk 0.00cvss epss 0.01

    A vulnerability has been found in SourceCodester Resort Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file view_fee.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The…

  • CVE-2023-4192Aug 6, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in SourceCodester Resort Reservation System 1.0. This affects an unknown part of the file manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The…

  • CVE-2023-4191Aug 6, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester Resort Reservation System 1.0. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument page leads to file inclusion. The attack may be…

  • CVE-2023-4186Aug 6, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Pharmacy Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file manage_website.php. The manipulation leads to unrestricted upload. The attack can be launched…

  • CVE-2023-4185Aug 6, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Online Hospital Management System 1.0. It has been classified as critical. Affected is an unknown function of the file patientlogin.php. The manipulation of the argument loginid/password leads to sql injection. It is possible to launch…

  • CVE-2023-4184Aug 6, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file sell_return.php. The manipulation of the argument pid leads to sql injection. The attack may be initiated remotely. The…

  • CVE-2023-4183Aug 6, 2023
    risk 0.00cvss epss 0.00

    A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file edit_update.php of the component Password Handler. The manipulation of the argument user_id leads to improper…

  • CVE-2023-4182Aug 6, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in SourceCodester Inventory Management System 1.0. This affects an unknown part of the file edit_sell.php. The manipulation of the argument up_pid leads to sql injection. It is possible to initiate the attack remotely.…

  • CVE-2023-4181Aug 6, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected by this issue is some unknown functionality of the file /vm/admin/delete-doctor.php?id=2 of the component Redirect Handler. The…

  • CVE-2023-4180Aug 6, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected by this vulnerability is an unknown functionality of the file /vm/login.php. The manipulation of the argument useremail/userpassword leads to sql…

  • CVE-2023-4179Aug 6, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected is an unknown function of the file /vm/doctor/doctors.php?action=view. The manipulation of the argument id leads to sql injection. It is…

  • CVE-2023-4176Aug 6, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Hospital Management System 1.0. It has been classified as critical. This affects an unknown part of the file appointmentapproval.php. The manipulation of the argument time leads to sql injection. It is possible to initiate the attack…

  • CVE-2023-36134Aug 3, 2023
    risk 0.00cvss epss 0.00

    In PHP Jabbers Class Scheduling System 1.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts.

  • CVE-2023-36137Aug 3, 2023
    risk 0.00cvss epss 0.00

    There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Class Scheduling System 1.0.

  • CVE-2023-36158Aug 3, 2023
    risk 0.00cvss epss 0.01

    Cross Site Scripting (XSS) vulnerability in sourcecodester Toll Tax Management System 1.0 allows remote attackers to run arbitrary code via the First Name and Last Name fields on the My Account page.

  • CVE-2023-36135Aug 3, 2023
    risk 0.00cvss epss 0.00

    User enumeration is found in in PHPJabbers Class Scheduling System v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

  • CVE-2023-3989Jul 28, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Jewelry Store System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add_customer.php. The manipulation leads to cross site scripting. The attack may be launched remotely.…

  • CVE-2023-3987Jul 28, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Simple Online Mens Salon Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=user/manage_user&id=3. The manipulation of the argument id leads to sql injection. It is…

  • CVE-2023-3986Jul 28, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Simple Online Mens Salon Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/?page=user/list. The manipulation of the argument First Name/Last Name/Username leads to cross…

  • CVE-2023-3985Jul 28, 2023
    risk 0.00cvss epss 0.01

    A vulnerability has been found in SourceCodester Online Jewelry Store 1.0 and classified as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely.…

  • CVE-2023-3806Jul 21, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in SourceCodester House Rental and Property Listing System 1.0. Affected is an unknown function of the file btn_functions.php. The manipulation leads to unrestricted upload. It is possible to launch the attack…

  • CVE-2023-3694Jul 16, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester/projectworlds House Rental and Property Listing 1.0. This issue affects some unknown processing of the file /index.php. The manipulation of the argument keywords/location leads to sql injection.…

  • CVE-2023-31705Jul 13, 2023
    risk 0.00cvss epss 0.00

    A Reflected Cross-site scripting (XSS) vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious javascript into the page parameter.

  • CVE-2023-31704Jul 13, 2023
    risk 0.00cvss epss 0.01

    Sourcecodester Online Computer and Laptop Store 1.0 is vulnerable to Incorrect Access Control, which allows remote attackers to elevate privileges to the administrator's role.

  • CVE-2023-3644Jul 12, 2023
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Service Provider Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=save_inquiry. The manipulation of the argument id leads to sql injection. The attack…

  • CVE-2023-37628Jul 12, 2023
    risk 0.00cvss epss 0.01

    Online Piggery Management System 1.0 is vulnerable to SQL Injection.

  • CVE-2023-3617Jul 11, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Best POS Management System 1.0. It has been classified as critical. This affects an unknown part of the file admin_class.php of the component Login Page. The manipulation of the argument username leads to sql injection. It is possible…

  • CVE-2023-3599Jul 10, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Best Fee Management System 1.0. It has been rated as critical. Affected by this issue is the function save_user of the file admin_class.php of the component Add User Handler. The manipulation leads to improper access controls. The…

  • CVE-2023-3534Jul 7, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Shopping Website 1.0. It has been classified as critical. Affected is an unknown function of the file check_availability.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely.…

  • CVE-2023-3503Jul 4, 2023
    risk 0.00cvss epss 0.01

    A vulnerability has been found in SourceCodester Shopping Website 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file insert-product.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. The…

  • CVE-2023-3502Jul 4, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in SourceCodester Shopping Website 1.0. Affected is an unknown function of the file search-result.php. The manipulation of the argument product leads to sql injection. It is possible to launch the attack remotely. The…

  • CVE-2023-3458Jun 29, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Shopping Website 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file forgot-password.php. The manipulation of the argument contact leads to sql injection. The attack can be…

  • CVE-2023-3457Jun 29, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Shopping Website 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The…

  • CVE-2023-1722Jun 24, 2023
    risk 0.00cvss epss 0.00

    Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. This is possible because the application does not correctly validate the thumbnails of the classes uploaded by the administrators.

  • CVE-2023-1721Jun 23, 2023
    risk 0.00cvss epss 0.01

    Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. This is possible because the application does not correctly validate the thumbnails of the classes uploaded by the administrators.

  • CVE-2023-3383Jun 23, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in SourceCodester Game Result Matrix System 1.0. This affects an unknown part of the file /dipam/athlete-profile.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection.…

  • CVE-2023-3382Jun 23, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, has been found in SourceCodester Game Result Matrix System 1.0. Affected by this issue is some unknown functionality of the file /dipam/save-delegates.php of the component GET Parameter Handler. The manipulation of the…

  • CVE-2023-3381Jun 23, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic was found in SourceCodester Online School Fees System 1.0. Affected by this vulnerability is an unknown functionality of the file /paysystem/datatable.php of the component GET Parameter Handler. The manipulation of the argument doj leads…

  • CVE-2023-3340Jun 20, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Online School Fees System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file ajx.php of the component GET Parameter Handler. The manipulation of the argument name_startsWith leads to sql…

  • CVE-2023-3318Jun 19, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Resort Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument page leads to cross site scripting. The attack can be launched remotely.…

  • CVE-2023-3309Jun 18, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic was found in SourceCodester Resort Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file ?page=rooms of the component Manage Room Page. The manipulation of the argument Cottage Number leads to…

  • CVE-2023-3189Jun 14, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, was found in SourceCodester Online School Fees System 1.0. This affects an unknown part of the file /paysystem/branch.php of the component POST Parameter Handler. The manipulation of the argument branch leads to cross site…

Page 23 of 34