EUVD-2026-28416
A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=saveuser. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be...
SourceCodester Pharmacy Sales and Inventory System injection vulnerability
SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a SQL injection vulnerability, which stems from the parameter ID handli...
CVE-2025-70152
code-projects Community Project Scholars Tracking System 1.0 is vulnerable to SQL Injection in the admin user management endpoints /admin/saveuser.php and /admin/updateuser.php. These endpoints lack authentication checks and directly concatenate user-supplied POST parameters firstname, lastname,...
CVE-2025-13347
A flaw has been found in SourceCodester Train Station Ticketing System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=saveuser. Executing manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been published...
PT-2025-47307
Name of the Vulnerable Software and Affected Versions: SourceCodester Train Station Ticketing System version 1.0 Description: A flaw exists in SourceCodester Train Station Ticketing System. The issue affects unknown code within the /ajax.php?action=save user file. Manipulation of the Username...
CVE-2025-13286
A security flaw has been discovered in itsourcecode Online Voting System 1.0. The impacted element is an unknown function of the file /ajax.php?action=saveuser. Performing manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2025-13286 itsourcecode Online Voting System ajax.php sql injection
A security flaw has been discovered in itsourcecode Online Voting System 1.0. The impacted element is an unknown function of the file /ajax.php?action=saveuser. Performing manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2023-0988
A vulnerability, which was classified as problematic, has been found in SourceCodester Online Pizza Ordering System 1.0. This issue affects some unknown processing of the file admin/ajax.php?action=saveuser. The manipulation leads to cross-site request forgery. The attack may be initiated remotel...
PT-2024-30166 · Unknown · Kashipara Music Management System
Name of the Vulnerable Software and Affected Versions: Kashipara Music Management System version 1.0 Description: A Cross-Site Request Forgery (CSRF) issue was found in the system. This can be exploited through a crafted request to the "/music/ajax.php?action=save user" page. Recommendations: For...
CVE-2023-49548
Customer Support System v1 was discovered to contain a SQL injection vulnerability via the lastname parameter at /customersupport/ajax.php?action=saveuser...
Faculty Evaluation System security vulnerability
Faculty Evaluation System is a faculty evaluation system by the individual developer Carlo Montero. A security vulnerability exists in Sourcecodester Faculty Evaluation System v1.0 that allows an attacker to execute arbitrary code via /eval/ajax.php?action=saveuser...
PT-2023-24344 · Unknown · Sourcecodester Faculty Evaluation System
Name of the Vulnerable Software and Affected Versions: Sourcecodester Faculty Evaluation System version 1.0 Description: The issue allows for arbitrary code execution via the "/eval/ajax.php?action=save user" API endpoint. This could potentially lead to unauthorized access and control of the...
PT-2023-16998 · Unknown · Sourcecodester Online Pizza Ordering System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Pizza Ordering System version 1.0 Description: A critical issue has been found in the Password Change Handler component, specifically affecting the file admin/ajax.php?action=save user. This leads to improper...
Online Pizza Ordering System authorization issue vulnerability
Online Pizza Ordering System is an online pizza ordering system by Carlo Montero, an individual developer. An authorization issue vulnerability exists in version 1.0 of the SourceCodester Online Pizza Ordering System, which stems from a security issue in admin/ajax.php?action=saveuser in the...
PT-2023-17002 · Sourcecodester · Sourcecodester Medicine Tracker System
Name of the Vulnerable Software and Affected Versions: SourceCodester Medicine Tracker System version 1.0 Description: A critical issue was found in the system, affecting an unknown part of the file Users.php?f=save user. The manipulation of the arguments firstname, middlename, lastname, username...
PT-2023-16669 · Sourcecodester · Sourcecodester Online Pizza Ordering System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Pizza Ordering System version 1.0 Description: A problematic issue has been found in the processing of the file "admin/ajax.php?action=save user", leading to cross-site request forgery. The attack can be initiated...