
53 matches found

NVD
added 2026/04/08 11:17 p.m. · 1 view

CVE-2026-5811

A vulnerability was identified in SourceCodester Online Food Ordering System 1.0. Affected by this issue is the function saveproduct of the file /Actions.php of the component POST Parameter Handler. Such manipulation of the argument price leads to business logic errors. The attack may be performe...

5.5 CVSS · 0.00051 EPSS
Exploits: 0 · References: 5
Positive Technologies
added 2026/03/27 12:00 a.m. · 3 views

PT-2026-28402

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the save user action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious...

8.8 CVSS · 6 AI score · 0.00017 EPSS
Exploits: 1 · References: 2
ATTACKERKB
added 2026/03/27 12:00 a.m. · 0 views

CVE-2026-30531

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the savecategory action. The application fails to properly sanitize user input supplied to the "name" parameter. This allows an authenticated attacker to inject malicious S...

6 AI score · 0.00017 EPSS
Exploits: 1 · References: 2
CNNVD
added 2026/03/27 12:00 a.m. · 2 views

SourceCodester Online Food Ordering System Security Vulnerability

The SourceCodester Online Food Ordering System is an open-source online meal ordering system developed by SourceCodester. Version 1.0 of the SourceCodester Online Food Ordering System contains a security vulnerability. This vulnerability arises from the saveuser operation in the Actions.php file,...

8.8 CVSS · 5.9 AI score · 0.00017 EPSS
Exploits: 1 · References: 1
OSV
added 2026/03/03 9:53 p.m. · 0 views

CVE-2026-27012 Unauthenticated privilege escalation in OpenSTAManager via modules/utenti/actions.php

OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a privilege escalation and authentication bypass vulnerability in OpenSTAManager allows any attacker to arbitrarily change a user's group idgruppo by directly calling...

9.8 CVSS · 5.8 AI score · 0.00046 EPSS
Exploits: 1 · References: 3
Snyk
added 2026/03/03 5:43 p.m. · 1 view

Missing Authentication for Critical Function

Overview: devcode-it/openstamanager is a management software for technical assistance and electronic invoicing. Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the request handler in modules/utenti/actions.php. An attacker can grant themselves or...

9.8 CVSS · 5.8 AI score · 0.00046 EPSS
Exploits: 1 · References: 2
Positive Technologies
added 2026/02/03 12:00 a.m. · 2 views

PT-2026-5969

Name of the Vulnerable Software and Affected Versions: OpenSTAManager versions 2.9.8 and prior. Description: OpenSTAManager is an open source management software for technical assistance and invoicing. A SQL Injection vulnerability exists in the Stampe Module, specifically in the...

8.7 CVSS · 5.7 AI score · 0.00043 EPSS
Exploits: 3 · References: 13
EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2017-3066

Malware in sbrugna...

9.8 CVSS · 9.5 AI score · 0.0025 EPSS
Exploits: 1 · References: 2
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2008-4428

Malware in sbrugna...

4.3 CVSS · 6.4 AI score · 0.01823 EPSS
Exploits: 1 · References: 5
EUVD
added 2025/10/03 8:07 p.m. · 2 views

EUVD-2022-31187

Malicious code in bioql PyPI...

9.8 CVSS · 9.2 AI score · 0.00373 EPSS
Exploits: 1 · References: 1
EUVD
added 2025/10/03 8:07 p.m. · 1 view

EUVD-2021-28688

Malicious code in bioql PyPI...

9.8 CVSS · 9.2 AI score · 0.00264 EPSS
Exploits: 1 · References: 2
EUVD
added 2025/10/03 8:07 p.m. · 1 view

EUVD-2024-31622

Malicious code in bioql PyPI...

8.8 CVSS · 6.6 AI score · 0.00108 EPSS
Exploits: 1 · References: 4
EUVD
added 2025/10/03 8:07 p.m. · 0 views

EUVD-2021-28518

Malicious code in bioql PyPI...

9.8 CVSS · 9.2 AI score · 0.00322 EPSS
Exploits: 1 · References: 3
NVD
added 2025/08/14 6:15 p.m. · 3 views

CVE-2025-8973

A vulnerability has been found in SourceCodester Cashier Queuing System 1.0. Affected is an unknown function of the file /Actions.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and m...

9.8 CVSS · 0.00072 EPSS
Exploits: 1 · References: 5
OSV
added 2025/08/14 6:15 p.m. · 0 views

CVE-2025-8973

A vulnerability has been found in SourceCodester Cashier Queuing System 1.0. Affected is an unknown function of the file /Actions.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and m...

9.8 CVSS · 5.7 AI score · 0.00072 EPSS
Exploits: 1 · References: 5
Positive Technologies
added 2025/08/14 12:00 a.m. · 4 views

PT-2025-33359 · Sourcecodester · Sourcecodester Cashier Queuing System

Name of the Vulnerable Software and Affected Versions: SourceCodester Cashier Queuing System version 1.0 Description: A SQL injection issue exists in SourceCodester Cashier Queuing System 1.0 due to the manipulation of the Username argument in the /Actions.php file. This allows for remote...

9.8 CVSS · 7.5 AI score · 0.00072 EPSS
Exploits: 1 · References: 9
Cvelist
added 2024/08/30 3:00 p.m. · 25 views

CVE-2024-8340 SourceCodester Electric Billing Management System Actions.php sql injection

A vulnerability classified as critical has been found in SourceCodester Electric Billing Management System 1.0. This affects an unknown part of the file /Actions.php?a=login. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The...

7.5 CVSS · 0.00106 EPSS
Exploits: 1 · References: 5
CVE
added 2024/03/28 1:00 a.m. · 60 views

CVE-2024-3014

Vulnerability summary (CVE-2024-3014): SourceCodester Simple Subscription Website 1.0 contains a SQL injection in the Actions.php file, caused by unsafely handling the title parameter. This allows remote exploitation and aligns with reported public disclosures. Multiple sources confirm the root c...

8.8 CVSS · 6.9 AI score · 0.00108 EPSS
Exploits: 1 · References: 4 · Affected Software: 1
Cvelist
added 2024/03/28 1:00 a.m. · 11 views

CVE-2024-3014 SourceCodester Simple Subscription Website Actions.php sql injection

A vulnerability classified as critical has been found in SourceCodester Simple Subscription Website 1.0. Affected is an unknown function of the file Actions.php. The manipulation of the argument title leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

6.5 CVSS · 7.1 AI score · 0.00108 EPSS
Exploits: 1 · References: 4
Vulnrichment
added 2024/03/28 1:00 a.m. · 6 views

CVE-2024-3014 SourceCodester Simple Subscription Website Actions.php sql injection

A vulnerability classified as critical has been found in SourceCodester Simple Subscription Website 1.0. Affected is an unknown function of the file Actions.php. The manipulation of the argument title leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

6.5 CVSS · 7.4 AI score · 0.00108 EPSS
Exploits: 1 · References: 4