16073 matches found
CVE-2026-30532
CVE-2026-30532 describes a SQL Injection vulnerability in SourceCodester Online Food Ordering System v1.0, exposed via the admin/view_product.php file when using the id parameter. The vulnerability is documented as affecting the admin view_Product flow, with the root cause being unsafe constructi...
CVE-2026-30529
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the saveuser action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious S...
CVE-2026-30533
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manageproduct.php file via the "id" parameter...
SourceCodester Note Taking App 安全漏洞
SourceCodester Note Taking App is an open-source note-taking application developed by SourceCodester. Versions of SourceCodester Note Taking App prior to version 1.0 contained security vulnerabilities. These vulnerabilities were caused by incorrect operations and could lead to cross-site request...
SourceCodester Diary App 安全漏洞
The SourceCodester Diary App is an open-source diary application developed by SourceCodester. Version 1.0 of the SourceCodester Diary App contains a security vulnerability, which stems from incorrect handling of the diary.php file. This vulnerability may lead to cross-site request forgery attacks...
PT-2026-28696
Name of the Vulnerable Software and Affected Versions SourceCodester Note Taking App version 1.0 Description A cross-site request forgery condition exists in SourceCodester Note Taking App. The issue impacts an unknown function and allows for remote exploitation. The exploit has been publicly...
CVE-2026-30568
CVE-2026-30568 describes a reflected XSS in SourceCodester Sales and Inventory System 1.0, arising from the view_purchase.php file via the limiter parameter. The input is not properly sanitized, enabling arbitrary script/HTML injection when a crafted URL is accessed. Connected sources consistentl...
PT-2026-28414
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtqty" parameter during stock entry, allowing negative values to be processed. This causes the system to decrease the inventory level...
PT-2026-28410
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0. The vulnerability is located in the view stock availability.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script o...
PT-2026-28405
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/view product.php file via the "id" parameter...
CVE-2026-30534
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...
CVE-2026-30533
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manageproduct.php file via the "id" parameter...
CVE-2026-30529
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the saveuser action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious S...
CVE-2026-30568
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in in the viewpurchase.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2026-30567
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewproduct.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2026-30570
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewsales.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2026-30569
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewstockavailability.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web...
CVE-2026-30576
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtprice" and "txttotalcost" parameters during stock entry, allowing negative financial values to be submitted. This leads to corruption...
CVE-2026-30530
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the savecustomer action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an attacker to inject malicious SQL command...
CVE-2026-30532
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/viewproduct.php file via the "id" parameter...