CVE-2026-3695

CVE-2026-3695 affects SourceCodester Modern Image Gallery App 1.0. The vulnerability is in an affected function of /delete.php where filename manipulation enables path traversal. Exploitation can be remote; exploit code maturity is documented as PROOF-OF-CONCEPT. CVSS metrics across versions indi...

PT-2026-23965

Name of the Vulnerable Software and Affected Versions SourceCodester Sales and Inventory System version 1.0 Description A SQL injection issue exists in SourceCodester Sales and Inventory System 1.0. The issue is located in an unknown function within the /add stock.php file. Manipulating the cost...

SourceCodester Sales and Inventory System SQL注入漏洞

The SourceCodester Sales and Inventory System is an open-source sales and inventory system developed by SourceCodester. Version 1.0 of the SourceCodester Sales and Inventory System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter stockname1 in...

SourceCodester Simple Responsive Tourism Website SQL注入漏洞

SourceCodester Simple Responsive Tourism Website is an open-source tourism website developed by SourceCodester. Version 1.0 of SourceCodester Simple Responsive Tourism Website has a SQL injection vulnerability. This vulnerability stems from the handling of the Username parameter in the Login.php...

PT-2026-23983

A flaw has been found in SourceCodester Computer Laboratory Management System 1.0. This affects an unknown part. This manipulation causes cross-site request forgery. The attack is possible to be carried out remotely. The exploit has been published and may be used...

SourceCodester Sales and Inventory System SQL注入漏洞

The SourceCodester Sales and Inventory System is an open-source sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Sales and Inventory System contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of the cost...

PT-2026-23929

A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. This impacts an unknown function of the file /checkin.php. This manipulation of the argument patient id causes improper authorization. It is possible to initiate the attack remotely. The exploit ha...

PT-2026-23975

Name of the Vulnerable Software and Affected Versions SourceCodester Client Database Management System version 1.0 Description An improper authorization issue exists in SourceCodester Client Database Management System version 1.0. The issue is related to an unknown function within the /superadmin...

PT-2026-23913

A vulnerability was detected in SourceCodester Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /index.php. Performing a manipulation of the argument page results in cross site scripting. The attack is possible to be carried out remotely. The exploit is...

SourceCodester Employee Task Management System SQL注入漏洞

SourceCodester Employee Task Management System is an open-source employee task management system developed by SourceCodester. Version 1.0 of the SourceCodester Employee Task Management System has a SQL injection vulnerability. This vulnerability stems from the handling of the Date parameter in th...

PT-2026-23959

Name of the Vulnerable Software and Affected Versions SourceCodester Sales and Inventory System version 1.0 Description A SQL injection issue exists in SourceCodester Sales and Inventory System. The issue is due to manipulation of the sid argument within the /add sales print.php file. This allows...

PT-2026-23966

Name of the Vulnerable Software and Affected Versions SourceCodester Sales and Inventory System version 1.0 Description A SQL injection issue exists in SourceCodester Sales and Inventory System 1.0. The issue is located in the POST Handler component, specifically within the file /check customer...

PT-2026-23977

A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an unknown function of the file edit-profile.php. Performing a manipulation of the argument fullname results in cross site scripting. The attack may be initiated remotely. The...

SourceCodester Client Database Management System 授权问题漏洞

SourceCodester Client Database Management System is an open-source client database management system developed by SourceCodester. Version 1.0 of the SourceCodester Client Database Management System has a vulnerability related to authorization issues. This vulnerability stems from incorrect handli...

SourceCodester Client Database Management System 授权问题漏洞

SourceCodester Client Database Management System is an open-source client database management system developed by SourceCodester. There were vulnerabilities related to authorization in the 1.0 and 3.1 versions of the SourceCodester Client Database Management System. These vulnerabilities stemmed...

SourceCodester Sales and Inventory System SQL注入漏洞

The SourceCodester Sales and Inventory System is an open-source sales and inventory system developed by SourceCodester. Versions of the SourceCodester Sales and Inventory System prior to version 1.0 contained a SQL injection vulnerability. This vulnerability stemmed from incorrect handling of the...

SourceCodester Computer Laboratory Management System 安全漏洞

SourceCodester Computer Laboratory Management System is an open-source computer laboratory management system developed by SourceCodester. Version 1.0 of the SourceCodester Computer Laboratory Management System contains a security vulnerability, which can be exploited by cross-site request forgery...

SourceCodester Resort Reservation System SQL注入漏洞

The SourceCodester Resort Reservation System is an open-source resort reservation system developed by SourceCodester. Version 1.0 of the SourceCodester Resort Reservation System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter “q” in the file...

PT-2026-23967

Name of the Vulnerable Software and Affected Versions SourceCodester Sales and Inventory System version 1.0 Description A SQL injection issue exists in SourceCodester Sales and Inventory System version 1.0. The issue is located in the /check item details.php file, within an unknown function...

PT-2026-23957

Name of the Vulnerable Software and Affected Versions SourceCodester Employee Task Management System version 1.0 Description A SQL injection issue exists in the GET Parameter Handler component of the software, specifically within the file '/daily-attendance-report.php'. The Date parameter is...