CVE-2020-24198

A persistent cross-site scripting vulnerability in Sourcecodester Stock Management System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'Brand Name.'...

EUVD-2024-46925

Malicious code in bioql PyPI...

EUVD-2025-13443

Malicious code in bioql PyPI...

EUVD-2025-15706

Malicious code in bioql PyPI...

CVE-2020-23831

A Reflected Cross-Site Scripting XSS vulnerability in the index.php login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and session cookies when an unauthenticated victim clicks on a malicious URL and enters credentials...

CVE-2025-4935

A vulnerability was found in SourceCodester Stock Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /phpaction/changePassword.php. The manipulation of the argument userid leads to sql injection. The attack may be initiated remotely. The explo...

CVE-2025-4935

A vulnerability was found in SourceCodester Stock Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /phpaction/changePassword.php. The manipulation of the argument userid leads to sql injection. The attack may be initiated remotely. The explo...

CVE-2025-4935

CVE-2025-4935 affects SourceCodester Stock Management System 1.0. The vulnerability is a SQL injection in the file /php_action/changePassword.php triggered by manipulating the user_id parameter. The issue is exploitable remotely and has public exploit references in multiple sources. Several conne...

CVE-2025-4935 SourceCodester Stock Management System changePassword.php sql injection

A vulnerability was found in SourceCodester Stock Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /phpaction/changePassword.php. The manipulation of the argument userid leads to sql injection. The attack may be initiated remotely. The explo...

CVE-2025-4806

A vulnerability, which was classified as critical, has been found in SourceCodester/oretnom23 Stock Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/?page=backorder/viewbo. The manipulation of the argument ID leads to sql injection. The attack may be...

CVE-2025-4786

A vulnerability was found in SourceCodester/oretnom23 Stock Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/?page=return/viewreturn. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely...

CVE-2025-4787

A vulnerability classified as critical has been found in SourceCodester/oretnom23 Stock Management System 1.0. Affected is an unknown function of the file /admin/?page=sales/viewsale. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The...

PT-2025-21738 · Unknown · Sourcecodester/Oretnom23 Stock Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester/oretnom23 Stock Management System version 1.0 Description: A critical vulnerability has been found in the SourceCodester/oretnom23 Stock Management System. The issue affects an unknown function of the file /admin/?page=sales/vi...

SourceCodester Stock Management System 注入漏洞

SourceCodester Stock Management System is a SourceCodester open source inventory management system. An injection vulnerability exists in SourceCodester Stock Management System version 1.0, which originates from improper handling of the parameter ID in the file /admin/?page=purchaseorder/viewpo,...

CVE-2024-36779

Sourcecodester Stock Management System v1.0 is vulnerable to SQL Injection via editCategories.php...

CVE-2024-5774

A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attack c...

CVE-2024-5774

A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attack c...

CVE-2024-5774

A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attack c...

CVE-2024-5774 SourceCodester Stock Management System Login index.php sql injection

A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attack c...

CVE-2024-5774

CVE-2024-5774 affects SourceCodester Stock Management System 1.0, specifically the Login component’s index.php. The vulnerability is a SQL injection exploitable via the username/password arguments in an unknown functionality, allowing remote attack. Multiple connected sources confirm the issue, n...