12 matches found
PT-2026-43034
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple POS and Inventory System version 1.0 Description: A remote SQL injection is possible due to improper manipulation of the Name argument within an unknown function in the '/user/search.php' endpoint. SQL injection is a type ...
PT-2026-29042
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add supplier.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...
PT-2026-27524
Name of the Vulnerable Software and Affected Versions: SourceCodester Sales and Inventory System version 1.0 Description: A flaw exists in SourceCodester Sales and Inventory System that allows for SQL injection. The issue is located within the update purchase.php file, specifically through...
CVE-2026-3791 SourceCodester Sales and Inventory System Search dashboard.php sql injection
A vulnerability has been found in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file dashboard.php of the component Search. The manipulation of the argument searchtxt leads to SQL injection. The attack is possible to be carried out...
CVE-2026-3752
A flaw has been found in SourceCodester Employee Task Management System up to 1.0. The affected element is an unknown function of the file /daily-task-report.php of the component GET Parameter Handler. This manipulation of the argument Date causes SQL injection. It is possible to initiate the...
SourceCodester Sales and Inventory System SQL injection vulnerability
The SourceCodester Sales and Inventory System is an open-source sales and inventory management system developed by SourceCodester. Versions of the SourceCodester Sales and Inventory System prior to version 1.0 contained a SQL injection vulnerability. This vulnerability stemmed from incorrect...
CVE-2026-2149
A vulnerability was detected in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /appointments.php. The manipulation of the argument patientid results in cross-site scripting. It is possible to...
CVE-2025-10479
A security flaw has been discovered in SourceCodester Online Student File Management System 1.0. The impacted element is an unknown function of the file /index.php. Performing manipulation of the argument studno results in SQL injection. The attack may be initiated remotely. The exploit has been...
PT-2024-38958 · Unknown · Sourcecodester Sentiment Based Movie Rating System
Name of the Vulnerable Software and Affected Versions: SourceCodester Sentiment Based Movie Rating System version 1.0 Description: A critical vulnerability was found in the software, affecting an unknown function of the file /classes/Users.php?f=save client of the component User Registration...
CVE-2023-5918
A vulnerability, which was classified as critical, was found in SourceCodester Visitor Management System 1.0. Affected is an unknown function of the file manageuser.php. The manipulation of the argument id leads to SQL injection. It is possible to launch the attack remotely. The identifier of thi...
PT-2023-18948 · Sourcecodester · Sourcecodester Service Provider Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Service Provider Management System version 1.0 Description: A critical issue has been found in the HTTP POST Request Handler component, specifically in the /classes/Master.php?f=save service file. The manipulation of the name...
SourceCodester Computer Parts Sales and Inventory System cross-site scripting vulnerability
Computer Parts Sales and Inventory System is a computer parts sales and inventory system by Warren Daloyan, an individual developer. A cross-site scripting vulnerability exists in SourceCodester Computer Parts Sales and Inventory System version 1.0, which stems from unknown problematic code in th...