Vendor CVEs
Sourcecodester
All CVEs
1,696 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-6609 | Med | 0.41 | 6.3 | 0.00 | Jun 25, 2025 | A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /panel/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection.… | ||
| CVE-2025-6608 | Med | 0.41 | 6.3 | 0.00 | Jun 25, 2025 | A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-services.php. The manipulation of the argument editid leads to sql injection. The… | ||
| CVE-2025-6607 | Med | 0.41 | 6.3 | 0.00 | Jun 25, 2025 | A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/stock.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack… | ||
| CVE-2025-6606 | Med | 0.41 | 6.3 | 0.00 | Jun 25, 2025 | A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. This issue affects some unknown processing of the file /panel/add-services.php. The manipulation of the argument Type leads to sql injection. The attack may be… | ||
| CVE-2025-6605 | Med | 0.41 | 6.3 | 0.00 | Jun 25, 2025 | A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. This vulnerability affects unknown code of the file /panel/edit-staff.php. The manipulation of the argument editid leads to sql injection. The attack can be initiated remotely.… | ||
| CVE-2025-6604 | Med | 0.41 | 6.3 | 0.00 | Jun 25, 2025 | A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/add-staff.php. The manipulation of the argument Name leads to sql injection. It is possible to initiate the attack remotely.… | ||
| CVE-2025-6583 | Med | 0.41 | 6.3 | 0.00 | Jun 25, 2025 | A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /view-appointment.php. The manipulation of the argument viewid leads to sql injection. It is possible to initiate the attack… | ||
| CVE-2025-6582 | Med | 0.41 | 6.3 | 0.00 | Jun 25, 2025 | A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. Affected by this issue is some unknown functionality of the file /edit-customer-detailed.php. The manipulation of the argument editid leads to sql injection. The… | ||
| CVE-2025-6581 | Med | 0.41 | 6.3 | 0.00 | Jun 24, 2025 | A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-customer.php. The manipulation of the argument name/email/mobilenum/gender/details/dob/marriage_date… | ||
| CVE-2024-7221 | Med | 0.41 | 6.3 | 0.01 | Jul 30, 2024 | A vulnerability was determined in SourceCodester/Campcodes School Log Management System 1.0. This affects an unknown part of the file /admin/manage_user.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been… | ||
| CVE-2024-7220 | Med | 0.41 | 6.3 | 0.01 | Jul 30, 2024 | A vulnerability was found in SourceCodester/Campcodes School Log Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/print_barcode.php. The manipulation of the argument tbl results in sql injection. It is possible to launch the attack… | ||
| CVE-2026-36324 | Med | 0.40 | 6.1 | 0.00 | May 29, 2026 | SourceCodester Doctor Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) due to improper handling of user supplied input in the user registration functionality in register.php. | ||
| CVE-2026-30561 | Med | 0.40 | 6.1 | 0.00 | Mar 30, 2026 | A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_purchase.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject… | ||
| CVE-2026-30560 | Med | 0.40 | 6.1 | 0.00 | Mar 30, 2026 | A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_supplier.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject… | ||
| CVE-2026-30559 | Med | 0.40 | 6.1 | 0.00 | Mar 30, 2026 | A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_sales.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject… | ||
| CVE-2026-30558 | Med | 0.40 | 6.1 | 0.00 | Mar 30, 2026 | A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_customer.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject… | ||
| CVE-2026-30557 | Med | 0.40 | 6.1 | 0.00 | Mar 30, 2026 | A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_category.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject… | ||
| CVE-2026-30556 | Med | 0.40 | 6.1 | 0.00 | Mar 30, 2026 | A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the index.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary… | ||
| CVE-2026-30566 | Med | 0.40 | 6.1 | 0.00 | Mar 30, 2026 | A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view_customers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject… | ||
| CVE-2026-30565 | Med | 0.40 | 6.1 | 0.00 | Mar 30, 2026 | A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view_supplier.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject… | ||
| CVE-2026-30564 | Med | 0.40 | 6.1 | 0.00 | Mar 30, 2026 | A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view_payments.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject… | ||
| CVE-2026-30563 | Med | 0.40 | 6.1 | 0.00 | Mar 30, 2026 | A Stored Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the update_details.php file. The application fails to sanitize the "website" parameter provided in a POST request. This allows authenticated… | ||
| CVE-2026-30567 | Med | 0.40 | 6.1 | 0.00 | Mar 27, 2026 | A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the view_product.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via… | ||
| CVE-2026-30571 | Med | 0.40 | 6.1 | 0.00 | Mar 27, 2026 | A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the view_category.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via… | ||
| CVE-2026-30570 | Med | 0.40 | 6.1 | 0.00 | Mar 27, 2026 | A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the view_sales.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a… | ||
| CVE-2026-30569 | Med | 0.40 | 6.1 | 0.00 | Mar 27, 2026 | A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view_stock_availability.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to… | ||
| CVE-2026-6201 | Med | 0.35 | 5.4 | 0.00 | Apr 13, 2026 | A vulnerability was identified in CodeAstro Online Job Portal 1.0. The impacted element is an unknown function of the file /jobs/job-delete.php of the component Delete Job Posting Handler. Such manipulation of the argument ID leads to improper access controls. The attack can be… | ||
| CVE-2026-3761 | Med | 0.35 | 5.4 | 0.00 | Mar 8, 2026 | A flaw has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /superadmin_user_delete.php of the component Endpoint. Executing a manipulation of the argument user_id can lead to improper authorization. The… | ||
| CVE-2026-11552 | Med | 0.34 | 5.3 | 0.00 | Jun 8, 2026 | A vulnerability has been found in SourceCodester Onlne Examination & Learning Management System and Syllabus-aligned Learning Management and Examination System 1.0. Affected by this issue is some unknown functionality of the file import_users.php. The manipulation of the… | ||
| CVE-2026-11515 | Med | 0.34 | 5.3 | 0.00 | Jun 8, 2026 | A vulnerability has been found in SourceCodester Barangay Resident Profiling and Information Management System 1.0. The impacted element is an unknown function of the file passsword_reset.php of the component Password Reset Handler. Such manipulation of the argument new_password… | ||
| CVE-2026-10255 | Med | 0.34 | 5.3 | 0.00 | Jun 1, 2026 | A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function sell_statement of the file application/controllers/ShowForm.php. Such manipulation leads to improper access controls. The attack can be… | ||
| CVE-2026-10254 | Med | 0.34 | 5.3 | 0.00 | Jun 1, 2026 | A flaw has been found in SourceCodester Pet Grooming Management Software 1.0. Affected is an unknown function of the file /admin/. This manipulation causes file and directory information exposure. The attack can be initiated remotely. The exploit has been published and may be… | ||
| CVE-2026-5326 | Med | 0.34 | 5.3 | 0.00 | Apr 2, 2026 | A vulnerability was identified in SourceCodester Leave Application System 1.0. Impacted is an unknown function of the file /index.php?page=manage_user of the component User Information Handler. Such manipulation of the argument ID leads to authorization bypass. The attack can be… | ||
| CVE-2026-10248 | Med | 0.31 | 4.7 | 0.00 | Jun 1, 2026 | A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System up to 1.0. This issue affects the function create_supplier of the file /Export_csv/export of the component Supplier Creation Interface. This manipulation of the argument Address/Company Name… | ||
| CVE-2026-10237 | Med | 0.31 | 4.7 | 0.00 | Jun 1, 2026 | A vulnerability was found in SourceCodester Water Billing Management System 1.0. Impacted is an unknown function of the file /admin/?page=user/manage_user of the component User Management Module. Performing a manipulation of the argument ID results in sql injection. Remote… | ||
| CVE-2026-9446 | Med | 0.31 | 4.7 | 0.00 | May 25, 2026 | A vulnerability has been found in SourceCodester Simple POS and Inventory System 1.0. The affected element is an unknown function of the file /admin/edit_customer.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit… | ||
| CVE-2026-9444 | Med | 0.31 | 4.7 | 0.00 | May 25, 2026 | A vulnerability was detected in SourceCodester Simple POS and Inventory System 1.0. This issue affects the function delete of the file /admin/deleteproduct.php of the component GET Parameter Handler. The manipulation of the argument ID results in sql injection. The attack may be… | ||
| CVE-2026-7409 | Med | 0.31 | 4.7 | 0.00 | Apr 29, 2026 | A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function save_user of the file /admin/ajax.php?action=save_user. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit has been published and may… | ||
| CVE-2026-7408 | Med | 0.31 | 4.7 | 0.00 | Apr 29, 2026 | A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function save_menu of the file /admin/ajax.php?action=save_menu. Performing a manipulation results in sql injection. The attack can be initiated remotely. The exploit is… | ||
| CVE-2026-7407 | Med | 0.31 | 4.7 | 0.00 | Apr 29, 2026 | A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function save_settings of the file /pizzafy/admin/ajax.php?action=save_settings of the component Setting Handler. Such manipulation leads to sql… | ||
| CVE-2026-7394 | Med | 0.31 | 4.7 | 0.00 | Apr 29, 2026 | A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/view_order.php of the component GET Parameter Handler. Executing a manipulation of the argument ID can lead to sql… | ||
| CVE-2026-7393 | Med | 0.31 | 4.7 | 0.00 | Apr 29, 2026 | A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function save_menu of the file /admin/admin_class_novo.php of the component File Extension Handler. Performing a manipulation of the argument img results in unrestricted upload. The attack… | ||
| CVE-2026-7293 | Med | 0.31 | 4.7 | 0.00 | Apr 28, 2026 | A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function delete_category of the file /admin/ajax.php?action=delete_category. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The… | ||
| CVE-2026-7283 | Med | 0.31 | 4.7 | 0.00 | Apr 28, 2026 | A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function save_expired of the file /ajax.php?action=save_expired. The manipulation of the argument ID results in sql injection. It is possible to launch the attack… | ||
| CVE-2026-7282 | Med | 0.31 | 4.7 | 0.00 | Apr 28, 2026 | A vulnerability was identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function delete_expired of the file /ajax.php?action=delete_expired. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack… | ||
| CVE-2026-7028 | Med | 0.31 | 4.7 | 0.00 | Apr 26, 2026 | A security flaw has been discovered in CodeAstro Online Job Portal 1.0. The affected element is an unknown function of the file /admin/jobs-admins/delete-jobs.php of the component All Jobs Page. Performing a manipulation of the argument ID results in sql injection. The attack is… | ||
| CVE-2025-10081 | Med | 0.31 | 4.7 | 0.00 | Sep 8, 2025 | A flaw has been found in SourceCodester Pet Management System 1.0. This impacts an unknown function of the file /admin/profile.php. This manipulation of the argument website_image causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been… | ||
| CVE-2026-12176 | Med | 0.28 | 4.3 | 0.00 | Jun 14, 2026 | A vulnerability has been found in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. The impacted element is an unknown function of the file /index.php. The manipulation of the argument action leads to cross site scripting. The attack is possible to be… | ||
| CVE-2026-11518 | Med | 0.28 | 4.3 | 0.00 | Jun 8, 2026 | A vulnerability was identified in SourceCodester Inventory System 1.0. Affected is an unknown function of the file /users.php of the component User Management Page. The manipulation of the argument fullname/username leads to cross site scripting. The attack is possible to be… | ||
| CVE-2026-10624 | Med | 0.28 | 4.3 | 0.00 | Jun 2, 2026 | A vulnerability has been found in SourceCodester Human Resource Management 1.0. Affected by this vulnerability is an unknown functionality of the file /detailview.php of the component Employee View Page. Such manipulation of the argument employeeid leads to improper control of… |
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /panel/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection.…
- risk 0.41cvss 6.3epss 0.00
A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-services.php. The manipulation of the argument editid leads to sql injection. The…
- risk 0.41cvss 6.3epss 0.00
A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/stock.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack…
- risk 0.41cvss 6.3epss 0.00
A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. This issue affects some unknown processing of the file /panel/add-services.php. The manipulation of the argument Type leads to sql injection. The attack may be…
- risk 0.41cvss 6.3epss 0.00
A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. This vulnerability affects unknown code of the file /panel/edit-staff.php. The manipulation of the argument editid leads to sql injection. The attack can be initiated remotely.…
- risk 0.41cvss 6.3epss 0.00
A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/add-staff.php. The manipulation of the argument Name leads to sql injection. It is possible to initiate the attack remotely.…
- risk 0.41cvss 6.3epss 0.00
A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /view-appointment.php. The manipulation of the argument viewid leads to sql injection. It is possible to initiate the attack…
- risk 0.41cvss 6.3epss 0.00
A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. Affected by this issue is some unknown functionality of the file /edit-customer-detailed.php. The manipulation of the argument editid leads to sql injection. The…
- risk 0.41cvss 6.3epss 0.00
A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-customer.php. The manipulation of the argument name/email/mobilenum/gender/details/dob/marriage_date…
- risk 0.41cvss 6.3epss 0.01
A vulnerability was determined in SourceCodester/Campcodes School Log Management System 1.0. This affects an unknown part of the file /admin/manage_user.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been…
- risk 0.41cvss 6.3epss 0.01
A vulnerability was found in SourceCodester/Campcodes School Log Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/print_barcode.php. The manipulation of the argument tbl results in sql injection. It is possible to launch the attack…
- risk 0.40cvss 6.1epss 0.00
SourceCodester Doctor Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) due to improper handling of user supplied input in the user registration functionality in register.php.
- risk 0.40cvss 6.1epss 0.00
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_purchase.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject…
- risk 0.40cvss 6.1epss 0.00
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_supplier.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject…
- risk 0.40cvss 6.1epss 0.00
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_sales.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject…
- risk 0.40cvss 6.1epss 0.00
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_customer.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject…
- risk 0.40cvss 6.1epss 0.00
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_category.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject…
- risk 0.40cvss 6.1epss 0.00
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the index.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary…
- risk 0.40cvss 6.1epss 0.00
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view_customers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject…
- risk 0.40cvss 6.1epss 0.00
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view_supplier.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject…
- risk 0.40cvss 6.1epss 0.00
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view_payments.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject…
- risk 0.40cvss 6.1epss 0.00
A Stored Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the update_details.php file. The application fails to sanitize the "website" parameter provided in a POST request. This allows authenticated…
- risk 0.40cvss 6.1epss 0.00
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the view_product.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via…
- risk 0.40cvss 6.1epss 0.00
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the view_category.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via…
- risk 0.40cvss 6.1epss 0.00
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the view_sales.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a…
- risk 0.40cvss 6.1epss 0.00
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view_stock_availability.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to…
- risk 0.35cvss 5.4epss 0.00
A vulnerability was identified in CodeAstro Online Job Portal 1.0. The impacted element is an unknown function of the file /jobs/job-delete.php of the component Delete Job Posting Handler. Such manipulation of the argument ID leads to improper access controls. The attack can be…
- risk 0.35cvss 5.4epss 0.00
A flaw has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /superadmin_user_delete.php of the component Endpoint. Executing a manipulation of the argument user_id can lead to improper authorization. The…
- risk 0.34cvss 5.3epss 0.00
A vulnerability has been found in SourceCodester Onlne Examination & Learning Management System and Syllabus-aligned Learning Management and Examination System 1.0. Affected by this issue is some unknown functionality of the file import_users.php. The manipulation of the…
- risk 0.34cvss 5.3epss 0.00
A vulnerability has been found in SourceCodester Barangay Resident Profiling and Information Management System 1.0. The impacted element is an unknown function of the file passsword_reset.php of the component Password Reset Handler. Such manipulation of the argument new_password…
- risk 0.34cvss 5.3epss 0.00
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function sell_statement of the file application/controllers/ShowForm.php. Such manipulation leads to improper access controls. The attack can be…
- risk 0.34cvss 5.3epss 0.00
A flaw has been found in SourceCodester Pet Grooming Management Software 1.0. Affected is an unknown function of the file /admin/. This manipulation causes file and directory information exposure. The attack can be initiated remotely. The exploit has been published and may be…
- risk 0.34cvss 5.3epss 0.00
A vulnerability was identified in SourceCodester Leave Application System 1.0. Impacted is an unknown function of the file /index.php?page=manage_user of the component User Information Handler. Such manipulation of the argument ID leads to authorization bypass. The attack can be…
- risk 0.31cvss 4.7epss 0.00
A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System up to 1.0. This issue affects the function create_supplier of the file /Export_csv/export of the component Supplier Creation Interface. This manipulation of the argument Address/Company Name…
- risk 0.31cvss 4.7epss 0.00
A vulnerability was found in SourceCodester Water Billing Management System 1.0. Impacted is an unknown function of the file /admin/?page=user/manage_user of the component User Management Module. Performing a manipulation of the argument ID results in sql injection. Remote…
- risk 0.31cvss 4.7epss 0.00
A vulnerability has been found in SourceCodester Simple POS and Inventory System 1.0. The affected element is an unknown function of the file /admin/edit_customer.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit…
- risk 0.31cvss 4.7epss 0.00
A vulnerability was detected in SourceCodester Simple POS and Inventory System 1.0. This issue affects the function delete of the file /admin/deleteproduct.php of the component GET Parameter Handler. The manipulation of the argument ID results in sql injection. The attack may be…
- risk 0.31cvss 4.7epss 0.00
A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function save_user of the file /admin/ajax.php?action=save_user. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit has been published and may…
- risk 0.31cvss 4.7epss 0.00
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function save_menu of the file /admin/ajax.php?action=save_menu. Performing a manipulation results in sql injection. The attack can be initiated remotely. The exploit is…
- risk 0.31cvss 4.7epss 0.00
A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function save_settings of the file /pizzafy/admin/ajax.php?action=save_settings of the component Setting Handler. Such manipulation leads to sql…
- risk 0.31cvss 4.7epss 0.00
A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/view_order.php of the component GET Parameter Handler. Executing a manipulation of the argument ID can lead to sql…
- risk 0.31cvss 4.7epss 0.00
A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function save_menu of the file /admin/admin_class_novo.php of the component File Extension Handler. Performing a manipulation of the argument img results in unrestricted upload. The attack…
- risk 0.31cvss 4.7epss 0.00
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function delete_category of the file /admin/ajax.php?action=delete_category. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The…
- risk 0.31cvss 4.7epss 0.00
A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function save_expired of the file /ajax.php?action=save_expired. The manipulation of the argument ID results in sql injection. It is possible to launch the attack…
- risk 0.31cvss 4.7epss 0.00
A vulnerability was identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function delete_expired of the file /ajax.php?action=delete_expired. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack…
- risk 0.31cvss 4.7epss 0.00
A security flaw has been discovered in CodeAstro Online Job Portal 1.0. The affected element is an unknown function of the file /admin/jobs-admins/delete-jobs.php of the component All Jobs Page. Performing a manipulation of the argument ID results in sql injection. The attack is…
- risk 0.31cvss 4.7epss 0.00
A flaw has been found in SourceCodester Pet Management System 1.0. This impacts an unknown function of the file /admin/profile.php. This manipulation of the argument website_image causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been…
- risk 0.28cvss 4.3epss 0.00
A vulnerability has been found in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. The impacted element is an unknown function of the file /index.php. The manipulation of the argument action leads to cross site scripting. The attack is possible to be…
- risk 0.28cvss 4.3epss 0.00
A vulnerability was identified in SourceCodester Inventory System 1.0. Affected is an unknown function of the file /users.php of the component User Management Page. The manipulation of the argument fullname/username leads to cross site scripting. The attack is possible to be…
- risk 0.28cvss 4.3epss 0.00
A vulnerability has been found in SourceCodester Human Resource Management 1.0. Affected by this vulnerability is an unknown functionality of the file /detailview.php of the component Employee View Page. Such manipulation of the argument employeeid leads to improper control of…
Page 4 of 34