CVE-2025-14530

CVE-2025-14530 affects SourceCodester Real Estate Property Listing App 1.0. The vulnerability is in /admin/property.php where the image parameter can be manipulated to achieve unrestricted file uploads. This allows remote exploitation; the exploit has been publicly disclosed. Root cause is descri...

SourceCodester Real Estate Property Listing App 安全漏洞

SourceCodester Real Estate Property Listing App is an open source real estate listing application from SourceCodester. A security vulnerability exists in version 1.0 of the SourceCodester Real Estate Property Listing App, which stems from an incorrect manipulation of the parameter image in file...

PT-2025-50647

Name of the Vulnerable Software and Affected Versions SourceCodester Real Estate Property Listing App version 1.0 Description A flaw exists in SourceCodester Real Estate Property Listing App version 1.0 that allows for unrestricted file uploads. This is due to manipulation of the image argument...

CVE-2025-14221

A vulnerability was detected in SourceCodester Online Banking System 1.0. This impacts an unknown function of the file /?page=user. The manipulation of the argument First Name/Last Name results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used...

CVE-2025-64081

SQL injection vulnerability in /php/apipatientschedule.php in SourceCodester Patients Waiting Area Queue Management System v1 allows attackers to execute arbitrary SQL commands via the appointmentID parameter...

EUVD-2025-201798

SQL injection vulnerability in /php/apipatientschedule.php in SourceCodester Patients Waiting Area Queue Management System v1 allows attackers to execute arbitrary SQL commands via the appointmentID parameter...

CVE-2025-64081

SQL injection vulnerability in /php/apipatientschedule.php in SourceCodester Patients Waiting Area Queue Management System v1 allows attackers to execute arbitrary SQL commands via the appointmentID parameter...

CVE-2025-14229

A security vulnerability has been detected in SourceCodester Inventory Management System 1.0. The affected element is an unknown function of the component SVC Report Export. Such manipulation leads to csv injection. It is possible to launch the attack remotely. The exploit has been disclosed...

CVE-2025-14229

A security vulnerability has been detected in SourceCodester Inventory Management System 1.0. The affected element is an unknown function of the component SVC Report Export. Such manipulation leads to csv injection. It is possible to launch the attack remotely. The exploit has been disclosed...

EUVD-2025-201705

A security vulnerability has been detected in SourceCodester Inventory Management System 1.0. The affected element is an unknown function of the component SVC Report Export. Such manipulation leads to csv injection. It is possible to launch the attack remotely. The exploit has been disclosed...

CVE-2025-14229 SourceCodester Inventory Management System SVC Report Export csv injection

A security vulnerability has been detected in SourceCodester Inventory Management System 1.0. The affected element is an unknown function of the component SVC Report Export. Such manipulation leads to csv injection. It is possible to launch the attack remotely. The exploit has been disclosed...

CVE-2025-14229

CVE-2025-14229 affects SourceCodester Inventory Management System 1.0, targeting the SVC Report Export component. The vulnerability arises from a manipulation that enables CSV injection , with remote feasibility and a publicly disclosed exploit. Public sources consistently describe the issue but ...

CVE-2025-14229 SourceCodester Inventory Management System SVC Report Export csv injection

A security vulnerability has been detected in SourceCodester Inventory Management System 1.0. The affected element is an unknown function of the component SVC Report Export. Such manipulation leads to csv injection. It is possible to launch the attack remotely. The exploit has been disclosed...

CVE-2025-14221

A vulnerability was detected in SourceCodester Online Banking System 1.0. This impacts an unknown function of the file /?page=user. The manipulation of the argument First Name/Last Name results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used...

CVE-2025-14221

A vulnerability was detected in SourceCodester Online Banking System 1.0. This impacts an unknown function of the file /?page=user. The manipulation of the argument First Name/Last Name results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used...

CVE-2025-14221 SourceCodester Online Banking System page cross site scripting

A vulnerability was detected in SourceCodester Online Banking System 1.0. This impacts an unknown function of the file /?page=user. The manipulation of the argument First Name/Last Name results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used...

EUVD-2025-201668

A vulnerability was detected in SourceCodester Online Banking System 1.0. This impacts an unknown function of the file /?page=user. The manipulation of the argument First Name/Last Name results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used...

CVE-2025-14221 SourceCodester Online Banking System page cross site scripting

A vulnerability was detected in SourceCodester Online Banking System 1.0. This impacts an unknown function of the file /?page=user. The manipulation of the argument First Name/Last Name results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used...

CVE-2025-14221

CVE-2025-14221 affects SourceCodester Online Banking System 1.0. The vulnerability is a Cross-Site Scripting (XSS) issue in the user profile page, arising from unsanitized input in the First Name/Last Name fields processed by the /?page=user endpoint. Public exploit code indicates a stored XSS va...

CVE-2025-14206

A vulnerability was determined in SourceCodester Online Student Clearance System 1.0. The affected element is an unknown function of the file /Admin/delete-fee.php of the component Fee Table Handler. Executing manipulation of the argument ID can lead to improper authorization. The attack may be...