16073 matches found
EUVD-2026-9198
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to arbitrary code execution in ip/ppes/admin/adminchangepicture.php...
CVE-2026-26701
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/edittecnicaluser.php...
CVE-2026-26700
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...
CVE-2026-26707
sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/viewsupplier.php...
CVE-2026-26705
sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/viewproduct.php...
CVE-2026-26702
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/myitemreuse.php...
CVE-2026-26703
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/advancesearch.php...
SourceCodester Web-based Pharmacy Product Management System 代码问题漏洞
SourceCodester Web-based Pharmacy Product Management System is an open-source pharmacy product management system developed by SourceCodester. Version 1.0 of the SourceCodester Web-based Pharmacy Product Management System has code-related vulnerabilities. These vulnerabilities may occur due to...
CVE-2026-26699
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to arbitrary code execution in ip/ppes/admin/adminchangepicture.php...
CVE-2026-26701
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/edittecnicaluser.php...
CVE-2026-26701
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/edittecnicaluser.php...
PT-2026-22523
A weakness has been identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part. This manipulation causes session expiration. Remote exploitation of the attack is possible. The complexity of an attack is rather high. It is indicated that the...
EUVD-2026-9192
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/myitemreuse.php...
CVE-2026-26700
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...
CVE-2026-26705
The CVE-2026-26705 entry concerns sourcecodester Pharmacy Point of Sale System v1.0, vulnerable to SQL Injection in /pharmacy/view_product.php due to insufficient input validation. Documentation confirms the issue and impact (high confidentiality, integrity, and availability), with a CVSS v3.1 ba...
CVE-2026-26707
CVE-2026-26707 affects sourcecodester Pharmacy Point of Sale System v1.0; vulnerable to SQL Injection in /pharmacy/view_supplier.php. Root cause: unsanitized input enabling injection. Impact: high confidentiality, integrity, and availability risk (CVSS 3.1: CRITICAL, network, no user interaction)...
CVE-2026-26700
CVE-2026-26700 affects sourcecodester Personnel Property Equipment System v1.0. The vulnerability is a SQL Injection in /ppes/admin/edit_employee.php caused by unsanitized input, enabling potential unauthorized data access or modification. The public metrics assign a CVSS v3.1 base score of 9.8 (...
CVE-2026-3302
A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing a manipulation of the argument Email can lead to cross site scripting. The attack can be launched...
CVE-2026-3302
A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing a manipulation of the argument Email can lead to cross site scripting. The attack can be launched...
CVE-2026-3302
The CVE-2026-3302 entry affects SourceCodester Doctor Appointment System 1.0, targeting the Sign Up Page’s /register.php. Affected functionality is the Email parameter; manipulating it yields cross-site scripting (XSS). Exploitation is remote, and a public PoC/exploit exists per the description. ...