Sourcecodester

All CVEs

1,696 total · sorted by risk
  • CVE-2022-4234 · Nov 30, 2022
    risk 0.00 · cvss · epss 0.00

    A vulnerability was found in SourceCodester Canteen Management System. It has been rated as problematic. This issue affects the function builtin_echo of the file youthappam/brand.php. The manipulation of the argument brand_name leads to cross site scripting. The attack may be…

  • CVE-2022-4233 · Nov 30, 2022
    risk 0.00 · cvss · epss 0.00

    A vulnerability has been found in SourceCodester Event Registration System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /event/admin/?page=user/list. The manipulation of the argument First Name/Last Name leads to cross…

  • CVE-2022-4229 · Nov 30, 2022
    risk 0.00 · cvss · epss 0.01

    A vulnerability classified as critical was found in SourceCodester Book Store Management System 1.0. This vulnerability affects unknown code of the file /bsms_ci/index.php. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has…

  • CVE-2022-4228 · Nov 30, 2022
    risk 0.00 · cvss · epss 0.01

    A vulnerability classified as problematic has been found in SourceCodester Book Store Management System 1.0. This affects an unknown part of the file /bsms_ci/index.php/user/edit_user/. The manipulation of the argument password leads to information disclosure. It is possible to…

  • CVE-2022-4232 · Nov 30, 2022
    risk 0.00 · cvss · epss 0.00

    A vulnerability, which was classified as critical, was found in SourceCodester Event Registration System 1.0. Affected is an unknown function. The manipulation of the argument cmd leads to unrestricted upload. It is possible to launch the attack remotely. VDB-214590 is the…

  • CVE-2022-4222 · Nov 30, 2022
    risk 0.00 · cvss · epss 0.01

    A vulnerability was found in SourceCodester Canteen Management System. It has been rated as critical. This issue affects the function query of the file ajax_invoice.php of the component POST Request Handler. The manipulation of the argument search leads to sql injection. The…

  • CVE-2022-44400 · Nov 28, 2022
    risk 0.00 · cvss · epss 0.01

    Purchase Order Management System v1.0 contains a file upload vulnerability via /purchase_order/admin/?page=system_info.

  • CVE-2022-4091 · Nov 25, 2022
    risk 0.00 · cvss · epss 0.00

    A vulnerability was found in SourceCodester Canteen Management System. It has been classified as problematic. This affects the function query of the file food.php. The manipulation of the argument product_name leads to cross site scripting. It is possible to initiate the attack…

  • CVE-2022-43117 · Nov 21, 2022
    risk 0.00 · cvss · epss 0.01

    Sourcecodester Password Storage Application in PHP/OOP and MySQL 1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the Name, Username, Description and Site Feature parameters.

  • CVE-2022-43162 · Nov 17, 2022
    risk 0.00 · cvss · epss 0.01

    Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tests/view_test.php.

  • CVE-2022-3949 · Nov 11, 2022
    risk 0.00 · cvss · epss 0.00

    A vulnerability, which was classified as problematic, has been found in Sourcecodester Simple Cashiering System. This issue affects some unknown processing of the component User Account Handler. The manipulation of the argument fullname leads to cross site scripting. The attack…

  • CVE-2022-3583 · Oct 18, 2022
    risk 0.00 · cvss · epss 0.01

    A vulnerability was found in SourceCodester Canteen Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument business leads to sql injection. The attack can be initiated remotely. The…

  • CVE-2022-3584 · Oct 18, 2022
    risk 0.00 · cvss · epss 0.01

    A vulnerability was found in SourceCodester Canteen Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file edituser.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The…

  • CVE-2022-3503 · Oct 14, 2022
    risk 0.00 · cvss · epss 0.00

    A vulnerability was found in SourceCodester Purchase Order Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the component Supplier Handler. The manipulation of the argument Supplier Name/Address/Contact person/Contact leads…

  • CVE-2022-42071 · Oct 14, 2022
    risk 0.00 · cvss · epss 0.00

    Online Birth Certificate Management System version 1.0 suffers from a Cross Site Scripting (XSS) Vulnerability.

  • CVE-2022-41534 · Oct 13, 2022
    risk 0.00 · cvss · epss 0.01

    Online Diagnostic Lab Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /php_action/createOrder.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.

  • CVE-2022-41533 · Oct 13, 2022
    risk 0.00 · cvss · epss 0.01

    Online Diagnostic Lab Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /php_action/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.

  • CVE-2022-3452 · Oct 11, 2022
    risk 0.00 · cvss · epss 0.00

    A vulnerability was found in SourceCodester Book Store Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /category.php. The manipulation of the argument category_name leads to cross site scripting. The attack can be…

  • CVE-2022-3453 · Oct 11, 2022
    risk 0.00 · cvss · epss 0.00

    A vulnerability was found in SourceCodester Book Store Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /transcation.php. The manipulation of the argument buyer_name leads to cross site scripting. The attack may be…

  • CVE-2022-42074 · Oct 7, 2022
    risk 0.00 · cvss · epss 0.01

    Online Diagnostic Lab Management System v1.0 is vulnerable to SQL Injection via /diagnostic/editcategory.php?id=.

  • CVE-2022-41512 · Oct 7, 2022
    risk 0.00 · cvss · epss 0.01

    An arbitrary file upload vulnerability in the component /php_action/editFile.php of Online Diagnostic Lab Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.

  • CVE-2022-30004 · Sep 26, 2022
    risk 0.00 · cvss · epss 0.01

    Sourcecodester Online Market Place Site v1.0 suffers from an unauthenticated blind SQL Injection Vulnerability allowing remote attackers to dump the SQL database via time-based SQL injection.

  • CVE-2022-30003 · Sep 26, 2022
    risk 0.00 · cvss · epss 0.00

    Sourcecodester Online Market Place Site 1.0 is vulnerable to Cross Site Scripting (XSS), allowing attackers to register as a Seller then create new products containing XSS payloads in the 'Product Title' and 'Short Description' fields.

  • CVE-2022-40088 · Sep 22, 2022
    risk 0.00 · cvss · epss 0.01

    Simple College Website v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /college_website/index.php?page=. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the…

  • CVE-2022-40030 · Sep 21, 2022
    risk 0.00 · cvss · epss 0.01

    SourceCodester Simple Task Managing System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at changeStatus.php.

  • CVE-2022-40029 · Sep 21, 2022
    risk 0.00 · cvss · epss 0.01

    SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component newProjectValidation.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the…

  • CVE-2022-40028 · Sep 21, 2022
    risk 0.00 · cvss · epss 0.01

    SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component newProjectValidation.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the…

  • CVE-2022-40027 · Sep 21, 2022
    risk 0.00 · cvss · epss 0.01

    SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component newTask.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the shortName…

  • CVE-2022-40026 · Sep 21, 2022
    risk 0.00 · cvss · epss 0.01

    SourceCodester Simple Task Managing System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at board.php.

  • CVE-2021-42597 · Sep 16, 2022
    risk 0.00 · cvss · epss 0.00

    A Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Storage Unit Rental Management System PHP 8.0.10, Apache 2.4.14, SURMS V 1.0 via the Add New Tenant List Rent List form.

  • CVE-2021-41731 · Sep 16, 2022
    risk 0.00 · cvss · epss 0.01

    A Cross Site Scripting (XSS) vulnerability exists in Sourcecodester News247 News Magazine (CMS) PHP 5.6 or higher and MySQL 5.7 or higher via the blog category name field.

  • CVE-2022-36667 · Sep 14, 2022
    risk 0.00 · cvss · epss 0.24

    Garage Management System 1.0 is vulnerable to Remote Code Execution (RCE) due to the lack of filtering in the file upload function. The vulnerability exists when adding parts; through the upload function, an attacker can upload a PHP reverse shell directly to gain RCE.

  • CVE-2022-3122 · Sep 5, 2022
    risk 0.00 · cvss · epss 0.01

    A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file medicine_details.php. The manipulation of the argument medicine leads to sql injection. The attack…

  • CVE-2022-3121 · Sep 5, 2022
    risk 0.00 · cvss · epss 0.00

    A vulnerability was found in SourceCodester Online Employee Leave Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addemployee.php. The manipulation leads to cross-site request forgery. The…

  • CVE-2022-3120 · Sep 5, 2022
    risk 0.00 · cvss · epss 0.01

    A vulnerability classified as critical was found in SourceCodester Clinics Patient Management System. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument user_name leads to sql injection. The…

  • CVE-2022-36637 · Sep 2, 2022
    risk 0.00 · cvss · epss 0.00

    Garage Management System v1.0 was discovered to contain a persistent cross-site scripting (XSS) vulnerability via the brand_name parameter at /brand.php.

  • CVE-2022-36636 · Sep 2, 2022
    risk 0.00 · cvss · epss 0.01

    Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /print.php.

  • CVE-2022-36609 · Sep 2, 2022
    risk 0.00 · cvss · epss 0.01

    Clinic's Patient Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pms/update_patient.php.

  • CVE-2022-3014 · Aug 27, 2022
    risk 0.00 · cvss · epss 0.00

    A vulnerability classified as problematic was found in SourceCodester Simple Task Managing System. This vulnerability affects unknown code. The manipulation of the argument student_add leads to cross site scripting. The attack can be initiated remotely. The identifier of this…

  • CVE-2022-3013 · Aug 27, 2022
    risk 0.00 · cvss · epss 0.00

    A vulnerability classified as critical has been found in SourceCodester Simple Task Managing System. This affects an unknown part of the file /loginVaLidation.php. The manipulation of the argument login leads to sql injection. It is possible to initiate the attack remotely. The…

  • CVE-2022-37151 · Aug 26, 2022
    risk 0.00 · cvss · epss 0.01

    There is an unauthorized access vulnerability in Online Diagnostic Lab Management System 1.0.

  • CVE-2022-37152 · Aug 26, 2022
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in Online Diagnostic Lab Management System 1.0. There is a SQL injection vulnerability via the "dob" parameter in "/classes/Users.php?f=save_client".

  • CVE-2022-37150 · Aug 26, 2022
    risk 0.00 · cvss · epss 0.00

    An issue was discovered in Online Diagnostic Lab Management System 1.0. There is a stored XSS vulnerability via the firstname, address, middlename, lastname, gender, email, and contact parameters.

  • CVE-2022-2842 · Aug 22, 2022
    risk 0.00 · cvss · epss 0.01

    A vulnerability classified as critical has been found in SourceCodester Gym Management System. This affects an unknown part of the file login.php. The manipulation of the argument user_email leads to sql injection. It is possible to initiate the attack remotely. The exploit has…

  • CVE-2022-36251 · Aug 22, 2022
    risk 0.00 · cvss · epss 0.01

    Clinic's Patient Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via patients.php.

  • CVE-2022-2876 · Aug 18, 2022
    risk 0.00 · cvss · epss 0.01

    A vulnerability, which was classified as critical, was found in SourceCodester Student Management System. Affected is an unknown function of the file index.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit…

  • CVE-2022-2847 · Aug 16, 2022
    risk 0.00 · cvss · epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester Guest Management System. This issue affects some unknown processing of the file /guestmanagement/front.php. The manipulation of the argument rid leads to sql injection. The attack may be…

  • CVE-2022-36242 · Aug 16, 2022
    risk 0.00 · cvss · epss 0.01

    Clinic's Patient Management System v1.0 is vulnerable to SQL Injection via /pms/update_medicine.php?id=.

  • CVE-2022-2813 · Aug 14, 2022
    risk 0.00 · cvss · epss 0.00

    A vulnerability, which was classified as problematic, was found in SourceCodester Guest Management System. Affected is an unknown function. The manipulation leads to cleartext storage of passwords in the database. The identifier of this vulnerability is VDB-206400.

  • CVE-2022-2812 · Aug 14, 2022
    risk 0.00 · cvss · epss 0.01

    A vulnerability classified as critical was found in SourceCodester Guest Management System. This vulnerability affects unknown code of the file index.php. The manipulation of the argument username/pass leads to sql injection. The attack can be initiated remotely. The exploit has…
