VYPR

Vendor CVEs

Sourcecodester

All CVEs

1,696 total · sorted by risk
  • CVE-2026-9583MedMay 26, 2026
    risk 0.28cvss 4.3epss 0.00

    A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of the component SQL Handler. Executing a manipulation can lead to information exposure through error message.…

  • CVE-2026-9582MedMay 26, 2026
    risk 0.28cvss 4.3epss 0.00

    A security flaw has been discovered in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This affects an unknown function. Performing a manipulation results in cross-site request forgery. The attack is possible to be carried out remotely. The exploit…

  • CVE-2026-9413MedMay 25, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was identified in SourceCodester Indian Invoicing System 1.0. The affected element is an unknown function of the file /Invoicing/category.php. The manipulation of the argument msg leads to cross site scripting. The attack may be initiated remotely. The exploit is…

  • CVE-2026-8117MedMay 8, 2026
    risk 0.28cvss 4.3epss 0.00

    A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. This issue affects some unknown processing of the file /admin/index.php. Such manipulation of the argument page leads to cross site scripting. The attack may be launched remotely. The…

  • CVE-2026-7401MedApr 29, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=register of the component Registration. The manipulation of the argument…

  • CVE-2026-7230MedApr 28, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was found in SourceCodester Safety Anger Pad 1.0. The affected element is an unknown function. The manipulation of the argument angerDisplay results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be…

  • CVE-2026-7129MedApr 27, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /index.php?page=categories. Performing a manipulation of the argument ID results in cross site scripting. The attack is possible to be carried out…

  • CVE-2026-4971MedMar 27, 2026
    risk 0.28cvss 4.3epss 0.00

    A weakness has been identified in SourceCodester Note Taking App up to 1.0. This impacts an unknown function. This manipulation causes cross-site request forgery. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be…

  • CVE-2026-4968MedMar 27, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was determined in SourceCodester Diary App 1.0. The affected element is an unknown function of the file diary.php. Executing a manipulation can lead to cross-site request forgery. The attack may be launched remotely. The exploit has been publicly disclosed and…

  • CVE-2026-3302MedFeb 27, 2026
    risk 0.28cvss 4.3epss 0.00

    A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing a manipulation of the argument Email can lead to cross site scripting. The…

  • CVE-2025-6476MedJun 22, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was found in SourceCodester Gym Management System 1.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to…

  • CVE-2026-11520LowJun 8, 2026
    risk 0.23cvss 3.5epss 0.00

    A weakness has been identified in SourceCodester Inventory System 1.0. Affected by this issue is some unknown functionality of the file header.php. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available…

  • CVE-2026-10247LowJun 1, 2026
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects the function create_generic_name of the file /ShowForm/create_generic_name/main. The manipulation of the argument generic_name results in cross site scripting. The…

  • CVE-2026-10246LowJun 1, 2026
    risk 0.23cvss 3.5epss 0.00

    A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function create_medicine_presentation of the file /ShowForm/create_medicine_presentation/main. The manipulation of the argument medicine_presentation leads to cross site…

  • CVE-2026-10245LowJun 1, 2026
    risk 0.23cvss 3.5epss 0.00

    A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this issue is the function create_supplier of the file /ShowForm/create_supplier/main. Executing a manipulation of the argument company_name can lead to cross site scripting. The attack…

  • CVE-2026-10244LowJun 1, 2026
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function create_medicine_name of the file /ShowForm/create_medicine_name/main. Performing a manipulation of the argument medicine_name results in cross…

  • CVE-2026-9414LowMay 25, 2026
    risk 0.23cvss 3.5epss 0.00

    A security flaw has been discovered in SourceCodester Indian Invoicing System up to 0.x/1.0. The impacted element is an unknown function of the file /Invoicing/add_order.php of the component Invoice Template Render Database-Backed. The manipulation of the argument customer_name…

  • CVE-2026-7390LowApr 29, 2026
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function Customer of the file /index.php?page=customer. The manipulation of the argument Name results in cross site scripting. The attack may be launched remotely.…

  • CVE-2026-5810LowApr 8, 2026
    risk 0.23cvss 3.5epss 0.00

    A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /delete.php of the component GET Parameter Handler. This manipulation of the argument ID causes cross site scripting. Remote exploitation of the attack is…

  • CVE-2026-4973LowMar 27, 2026
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was detected in SourceCodester Online Quiz System up to 1.0. Affected by this vulnerability is an unknown functionality of the file endpoint/add-question.php. Performing a manipulation of the argument quiz_question results in cross site scripting. It is possible…

  • CVE-2025-7408LowJul 10, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability has been found in SourceCodester Zoo Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/templates/animal_form_template.php. The manipulation of the argument msg leads to cross site scripting. The attack…

  • CVE-2024-7218LowJul 30, 2024
    risk 0.23cvss 3.5epss 0.00

    A flaw has been found in SourceCodester/Campcodes School Log Management System 1.0. Affected is an unknown function of the file /admin/ajax.php?action=save_student. Executing manipulation of the argument Name can lead to cross site scripting. The attack may be performed from…

  • CVE-2026-10295LowJun 1, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in SourceCodester Customer Review App 1.0. Affected by this vulnerability is the function add_review/save_review/get_all_reviews of the file review_app.py. Performing a manipulation of the argument name/comment results in denial of service. The attack…

  • CVE-2026-37602LowApr 14, 2026
    risk 0.18cvss 2.7epss 0.00

    SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/user/manage_user.php.

  • CVE-2026-37601LowApr 14, 2026
    risk 0.18cvss 2.7epss 0.00

    SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manage_appointment.php.

  • CVE-2026-37600LowApr 14, 2026
    risk 0.18cvss 2.7epss 0.00

    SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/view_details.php.

  • CVE-2026-37598LowApr 14, 2026
    risk 0.18cvss 2.7epss 0.00

    SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to arbitrary code execution (RCE) via /scheduler/classes/SystemSettings.php?f=update_settings.

  • CVE-2026-37597LowApr 14, 2026
    risk 0.18cvss 2.7epss 0.00

    SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/attendance_list.php.

  • CVE-2026-37596LowApr 14, 2026
    risk 0.18cvss 2.7epss 0.00

    SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/manage_department.php.

  • CVE-2026-37595LowApr 14, 2026
    risk 0.18cvss 2.7epss 0.00

    SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/manage_employee.php.

  • CVE-2026-37594LowApr 14, 2026
    risk 0.18cvss 2.7epss 0.00

    SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/view_employee.php.

  • CVE-2026-37593LowApr 14, 2026
    risk 0.18cvss 2.7epss 0.00

    SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/view_att.php.

  • CVE-2026-37591LowApr 14, 2026
    risk 0.18cvss 2.7epss 0.00

    Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/tenants/view_details.php.

  • CVE-2026-37590LowApr 14, 2026
    risk 0.18cvss 2.7epss 0.00

    SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/rents/manage_rent.php.

  • CVE-2026-37589LowApr 14, 2026
    risk 0.18cvss 2.7epss 0.00

    SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/maintenance/manage_storage_unit.php.

  • CVE-2026-36952LowApr 13, 2026
    risk 0.18cvss 2.7epss 0.00

    Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in the file /otas/admin/curriculum/manage_curriculum.php.

  • CVE-2026-36950LowApr 13, 2026
    risk 0.18cvss 2.7epss 0.00

    Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in /otas/projects_per_department.php.

  • CVE-2026-36938LowApr 13, 2026
    risk 0.18cvss 2.7epss 0.00

    Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/rooms/view_room.php.

  • CVE-2026-36937LowApr 13, 2026
    risk 0.18cvss 2.7epss 0.00

    Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/reservations/view_details.php.

  • CVE-2026-36942LowApr 13, 2026
    risk 0.18cvss 2.7epss 0.00

    Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in the file /orms/admin/activities/manage_activity.php.

  • CVE-2026-36941LowApr 13, 2026
    risk 0.18cvss 2.7epss 0.00

    Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL Injection in the file /orms/admin/rooms/manage_room.php.

  • CVE-2026-11468LowJun 8, 2026
    risk 0.16cvss 2.4epss 0.00

    A vulnerability was detected in SourceCodester Hospitals Patient Records Management System 1.0. This issue affects some unknown processing of the file /admin/?page=room_types. Performing a manipulation of the argument room results in cross site scripting. The attack is possible…

  • CVE-2026-11338LowJun 5, 2026
    risk 0.16cvss 2.4epss 0.00

    A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System 1.0. Impacted is an unknown function of the file /admin/?page=user/manage_user. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate…

  • CVE-2026-9564LowMay 26, 2026
    risk 0.16cvss 2.4epss 0.00

    A vulnerability was found in SourceCodester/oretnom23 Hospitals Patient Records Management System 1.0. The impacted element is an unknown function of the file /admin/?page=patients/view_patient. Performing a manipulation of the argument Remarks results in cross site scripting.…

  • CVE-2026-9377LowMay 24, 2026
    risk 0.16cvss 2.4epss 0.00

    A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file /admin/productedit.php. The manipulation of the argument productName leads to cross site scripting. It is possible to initiate the attack remotely.…

  • CVE-2026-8136LowMay 8, 2026
    risk 0.16cvss 2.4epss 0.00

    A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /index.php?page=users. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be launched remotely. The exploit has…

  • CVE-2026-7297LowApr 28, 2026
    risk 0.16cvss 2.4epss 0.00

    A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function save_user of the file /admin/ajax.php?action=save_user. Executing a manipulation of the argument Name can lead to cross site scripting. The attack can be…

  • CVE-2026-7295LowApr 28, 2026
    risk 0.16cvss 2.4epss 0.00

    A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function save_menu of the file /admin/ajax.php?action=save_menu. Such manipulation of the argument Name leads to cross site scripting. The attack may be launched…

  • CVE-2026-7281LowApr 28, 2026
    risk 0.16cvss 2.4epss 0.00

    A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function supplier of the file /index.php?page=supplier. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be…

  • CVE-2026-7269LowApr 28, 2026
    risk 0.16cvss 2.4epss 0.00

    A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /index.php?page=product. Performing a manipulation of the argument ID results in cross site scripting. It is possible to initiate the attack remotely.…

Page 5 of 34