CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16073 matches found

Positive Technologies•added 2026/03/09 12:0 a.m.•4 views

PT-2026-24009

Name of the Vulnerable Software and Affected Versions SourceCodester/janobe Resort Reservation System version 1.0 Description A flaw exists that allows unrestricted file uploads. This is due to improper handling of the image argument within the doInsert function located in the...

8.8CVSS6.5AI score0.00299EPSS

Exploits1References10

CNNVD•added 2026/03/09 12:0 a.m.•5 views

SourceCodester Sales and Inventory System SQL注入漏洞

The SourceCodester Sales and Inventory System is an open-source sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Sales and Inventory System contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of the paramete...

8.8CVSS6.7AI score0.00301EPSS

Exploits1References5

CNNVD•added 2026/03/09 12:0 a.m.•3 views

SourceCodester Sales and Inventory System SQL注入漏洞

8.8CVSS6.7AI score0.00295EPSS

Exploits1References6

Positive Technologies•added 2026/03/09 12:0 a.m.•5 views

PT-2026-24061

A vulnerability has been found in SourceCodester Resort Reservation System 1.0. The affected element is an unknown function of the file /?page=manage reservation of the component Reservation Management Module. Such manipulation of the argument ID leads to cross site scripting. The attack may be...

5.1CVSS4.1AI score0.00257EPSS

Exploits1References6

CNNVD•added 2026/03/09 12:0 a.m.•4 views

SourceCodester Patients Waiting Area Queue Management System 授权问题漏洞

The SourceCodester Patients Waiting Area Queue Management System is an open-source system developed by SourceCodester for managing patient waiting queues. Version 1.0 of the SourceCodester Patients Waiting Area Queue Management System contains a vulnerability related to authorization issues. This...

6.9CVSS6AI score0.00506EPSS

Exploits1References6

Positive Technologies•added 2026/03/09 12:0 a.m.•7 views

PT-2026-24015

Name of the Vulnerable Software and Affected Versions SourceCodester/janobe Resort Reservation System version 1.0 Description A flaw exists in the processing of the /room rates.php file within the software. Manipulation of the q argument in this file can lead to a SQL injection condition. This...

8.8CVSS6.6AI score0.00295EPSS

Exploits1References9

CNNVD•added 2026/03/09 12:0 a.m.•5 views

SourceCodester Resort Reservation System 代码问题漏洞

The SourceCodester Resort Reservation System is an open-source resort reservation system developed by SourceCodester. Version 1.0 of the SourceCodester Resort Reservation System has code-related vulnerabilities. These vulnerabilities stem from incorrect handling of parameters in the file...

8.8CVSS6.7AI score0.00299EPSS

Exploits1References6

CNNVD•added 2026/03/09 12:0 a.m.•4 views

SourceCodester Sales and Inventory System SQL注入漏洞

8.8CVSS6.7AI score0.00368EPSS

Exploits1References6

Positive Technologies•added 2026/03/09 12:0 a.m.•6 views

PT-2026-23998

Name of the Vulnerable Software and Affected Versions SourceCodester Sales and Inventory System version 1.0 Description A flaw exists in SourceCodester Sales and Inventory System 1.0 related to the handling of a GET parameter. Specifically, manipulation of the sellid argument within the sales...

8.8CVSS6.5AI score0.00368EPSS

Exploits1References11

Cvelist•added 2026/03/08 9:32 p.m.•30 views

CVE-2026-3771 SourceCodester/janobe Resort Reservation System accomodation.php sql injection

A vulnerability has been found in SourceCodester/janobe Resort Reservation System 1.0. This vulnerability affects unknown code of the file /accomodation.php. Such manipulation of the argument q leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the...

6.5CVSS0.00295EPSS

Exploits1References4

Vulnrichment•added 2026/03/08 9:32 p.m.•2 views

CVE-2026-3771 SourceCodester/janobe Resort Reservation System accomodation.php sql injection

6.5CVSS5.7AI score0.00295EPSS

Exploits1References4

EUVD•added 2026/03/08 9:30 p.m.•4 views

EUVD-2026-10267

A vulnerability was determined in SourceCodester Client Database Management System 1.0. The impacted element is an unknown function of the file /superadminuserupdate.php. This manipulation causes improper authorization. The attack can be initiated remotely. The exploit has been publicly disclosed...

7.5CVSS5.6AI score0.00364EPSS

Exploits1References6

EUVD•added 2026/03/08 9:30 p.m.•5 views

EUVD-2026-10269

A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an unknown function of the file edit-profile.php. Performing a manipulation of the argument fullname results in cross site scripting. The attack may be initiated remotely. The...

5.1CVSS4.3AI score0.0021EPSS

Exploits1References6

EUVD•added 2026/03/08 9:30 p.m.•3 views

EUVD-2026-10273

A flaw has been found in SourceCodester Computer Laboratory Management System 1.0. This affects an unknown part. This manipulation causes cross-site request forgery. The attack is possible to be carried out remotely. The exploit has been published and may be used...

5.3CVSS5.5AI score0.00214EPSS

Exploits1References6

EUVD•added 2026/03/08 9:30 p.m.•3 views

EUVD-2026-10265

A vulnerability has been found in SourceCodester Client Database Management System 1.0/3.1. Impacted is an unknown function of the file /superadmindeletemanager.php of the component Endpoint. The manipulation of the argument managerid leads to improper authorization. It is possible to initiate th...

7.5CVSS5.5AI score0.00496EPSS

Exploits1References6

EUVD•added 2026/03/08 9:30 p.m.•5 views

EUVD-2026-10264

A flaw has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /superadminuserdelete.php of the component Endpoint. Executing a manipulation of the argument userid can lead to improper authorization. The attack may be performe...

5.5CVSS5.5AI score0.00337EPSS

Exploits1References6