EUVD-2026-17897

A Business Logic vulnerability exists in SourceCodester Loan Management System v1.0 due to the lack of proper input validation. The application allows administrators to define "Loan Plans" which determine the duration of a loan in months. However, the backend fails to validate that the duration...

CVE-2026-30523

A Business Logic vulnerability exists in SourceCodester Loan Management System v1.0 due to the lack of proper input validation. The application allows administrators to define "Loan Plans" which determine the duration of a loan in months. However, the backend fails to validate that the duration...

CVE-2026-30521

A Business Logic vulnerability exists in SourceCodester Loan Management System v1.0 due to improper server-side validation. The application allows administrators to create "Loan Plans" with specific interest rates. While the frontend interface prevents users from entering negative numbers, this...

SourceCodester Loan Management System 安全漏洞

The SourceCodester Loan Management System is an open-source loan management system developed by SourceCodester. Version 1.0 of the SourceCodester Loan Management System contains a security vulnerability. This vulnerability stems from improper server-side validation, which could allow authenticate...

CVE-2026-30522

Summary: CVE-2026-30522 affects SourceCodester Loan Management System v1.0. A business logic flaw arises from improper server-side validation allowing negative values for penalty_rate in Loan Plans, despite frontend restrictions. An authenticated attacker can bypass client-side validation by subm...

CVE-2026-30520

A Blind SQL Injection vulnerability exists in SourceCodester Loan Management System v1.0. The vulnerability is located in the ajax.php file specifically the saveloan action. The application fails to properly sanitize user input supplied to the "borrowerid" parameter in a POST request, allowing an...

SourceCodester Loan Management System 安全漏洞

The SourceCodester Loan Management System is an open-source loan management system developed by SourceCodester. Version 1.0 of the SourceCodester Loan Management System has security vulnerabilities. These vulnerabilities stem from defects in the business logic and improper server-side validation,...

CVE-2026-30520

SourceCodester Loan Management System v1.0 contains a Blind SQL Injection in ajax.php (save_loan action) where the borrower_id parameter in a POST request is not properly sanitized. An authenticated attacker could inject SQL commands via this input. The affected component is the web application’s...

CVE-2026-30521

A Business Logic vulnerability exists in SourceCodester Loan Management System v1.0 due to improper server-side validation. The application allows administrators to create "Loan Plans" with specific interest rates. While the frontend interface prevents users from entering negative numbers, this...

CVE-2026-3702

A vulnerability was detected in SourceCodester Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /index.php. Performing a manipulation of the argument page results in cross site scripting. The attack is possible to be carried out remotely. The exploit is...

CVE-2026-3702

A vulnerability was detected in SourceCodester Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /index.php. Performing a manipulation of the argument page results in cross site scripting. The attack is possible to be carried out remotely. The exploit is...

EUVD-2023-58554

Malicious code in bioql PyPI...

EUVD-2023-58553

Malicious code in bioql PyPI...

CVE-2023-6310

A vulnerability has been found in SourceCodester Loan Management System 1.0 and classified as critical. This vulnerability affects the function deleteborrower of the file deleteBorrower.php. The manipulation of the argument borrowerid leads to sql injection. The attack can be initiated remotely...

CVE-2022-2666

A vulnerability has been found in SourceCodester Loan Management System and classified as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed...

CVE-2022-2766

A vulnerability was found in SourceCodester Loan Management System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument password leads to sql injection. The attack may be launched remotely. The exploit has be...

CVE-2024-9089 SourceCodester Modern Loan Management System update_loan_record.php cross site scripting

A vulnerability was found in SourceCodester Modern Loan Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file updateloanrecord.php. The manipulation of the argument amount leads to cross site scripting. The attack may be initiated remotely. Th...

CVE-2024-9089 SourceCodester Modern Loan Management System update_loan_record.php cross site scripting

A vulnerability was found in SourceCodester Modern Loan Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file updateloanrecord.php. The manipulation of the argument amount leads to cross site scripting. The attack may be initiated remotely. Th...

SourceCodester Modern Loan Management System SQL注入漏洞

SourceCodester Modern Loan Management System is a modern loan management system from SourceCodester open source. A SQL injection vulnerability exists in SourceCodester Modern Loan Management System version 1.0, which stems from an incorrect operation of the parameter searchMember that can result ...

CVE-2024-31678

Sourcecodester Loan Management System v1.0 is vulnerable to SQL Injection via the "password" parameter in the "login.php" file...