Lucene search
K

468 matches found

NVD
NVD
added 2026/05/08 12:16 a.m.22 views

CVE-2026-8117

A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. This issue affects some unknown processing of the file /admin/index.php. Such manipulation of the argument page leads to cross site scripting. The attack may be launched remotely. The exploit has been...

5.3CVSS0.00269EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.10 views

PT-2026-38657

Name of the Vulnerable Software and Affected Versions SourceCodester Pharmacy Sales and Inventory System version 1.0 Description A flaw in the '/index.php?page=users' endpoint allows for remote cross-site scripting XSS, which occurs when an attacker manipulates the Name argument. Cross-site...

4.8CVSS5.6AI score0.00202EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.7 views

PT-2026-36791

A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. Affected is an unknown function of the file /product expiry/edit-admin.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is...

6.5CVSS6.5AI score0.00192EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/01 3:45 a.m.30 views

CVE-2026-7550 SourceCodester Pharmacy Sales and Inventory System ajax.php save_customer sql injection

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=savecustomer. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

7.5CVSS0.00259EPSS
Exploits0References5
CVE
CVE
added 2026/05/01 1:45 a.m.17 views

CVE-2026-7545

SourceCodester Advanced School Management System 1.0 is affected by an SQL injection in the checkEmail endpoint, specifically via the commonController.php function. The vulnerability stems from manipulation of an element within that file, enabling remote exploitation. The exploit has been publicl...

7.5CVSS7.3AI score0.00259EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/29 8:45 p.m.6 views

CVE-2026-7408 SourceCodester Pizzafy Ecommerce System ajax.php save_menu sql injection

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function savemenu of the file /admin/ajax.php?action=savemenu. Performing a manipulation results in sql injection. The attack can be initiated remotely. The exploit is now public and may be...

5.8CVSS5AI score0.00253EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/29 7:15 p.m.6 views

EUVD-2026-26282

A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=register of the component Registration. The manipulation of the argument studentid/fullname/section/username results ...

5.3CVSS3.6AI score0.0032EPSS
Exploits0References5
CVE
CVE
added 2026/04/28 2:15 p.m.12 views

CVE-2026-7283

SourceCodester Pharmacy Sales and Inventory System 1.0 exposes a SQL injection in /ajax.php?action=save_expired caused by manipulating the ID argument. The flaw is remote‑exploitable and is associated with CVE-2026-7283. Public exploit availability is noted in the reports. The connected documents...

5.8CVSS5.1AI score0.00263EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/28 10:30 a.m.2 views

CVE-2026-7265 SourceCodester Pizzafy Ecommerce System index.php category sql injection

A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function Category of the file pizza/index.php?page=category. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploi...

6.5CVSS6.3AI score0.00241EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/28 10:30 a.m.35 views

CVE-2026-7265 SourceCodester Pizzafy Ecommerce System index.php category sql injection

A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function Category of the file pizza/index.php?page=category. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploi...

6.5CVSS0.00241EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/28 10:30 a.m.5 views

EUVD-2026-26031

A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function Category of the file pizza/index.php?page=category. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploi...

6.5CVSS6.3AI score0.00241EPSS
Exploits0References5
CVE
CVE
added 2026/04/28 5:45 a.m.16 views

CVE-2026-7230

Affected software: SourceCodester Safety Anger Pad 1.0. Vulnerability: An unspecified function vulnerable to manipulation of the angerDisplay argument, causing cross-site scripting. Impact/consequences: Remote attacker could trigger XSS in victims’ browsers; exploit has been publicly released (pr...

5.3CVSS3.7AI score0.00263EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.11 views

PT-2026-35823

A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function save user of the file /admin/ajax.php?action=save user. Executing a manipulation of the argument Name can lead to cross site scripting. The attack can be executed remotely. The...

4.8CVSS3.1AI score0.00202EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/27 11:15 p.m.11 views

EUVD-2026-25954

A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=deleteproduct. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the atta...

7.5CVSS7.3AI score0.00265EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/27 10:45 p.m.5 views

CVE-2026-7194 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection

A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=saveproduct. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/27 1:0 p.m.8 views

CVE-2026-7126

A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=savecategory. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released t...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/04/27 6:16 a.m.17 views

CVE-2026-7088

A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=savereceiving. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit...

7.5CVSS0.00254EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/27 4:45 a.m.3 views

CVE-2026-7088 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection

A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=savereceiving. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit...

7.5CVSS7.3AI score0.00254EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.9 views

SourceCodester Pharmacy Sales and Inventory System 注入漏洞

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a SQL injection vulnerability. This vulnerability arises from improper...

7.5CVSS7.1AI score0.00254EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/16 3:31 p.m.7 views

EUVD-2026-23249

SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/viewmusic.php...

7.3CVSS5.9AI score0.00169EPSS
Exploits0References2
Rows per page
Query Builder