PT-2025-46147
Name of the Vulnerable Software and Affected Versions: SourceCodester Interview Management System version 1.0. Description: A security flaw exists in SourceCodester Interview Management System version 1.0. The issue involves a SQL injection impacting the file '/addCandidate.php'. Manipulation of the...
SourceCodester Simple Public Chat Room Security Vulnerability
SourceCodester Simple Public Chat Room is an open source simple public chat room application from SourceCodester. A security vulnerability exists in SourceCodester Simple Public Chat Room version 1.0, which stems from the sendmessage.php endpoint not implementing a CSRF protection mechanism, which could...
CVE-2025-63711
A Cross-Site Request Forgery (CSRF) vulnerability in the SourceCodester Client Database Management System 1.0 allows an attacker to cause an authenticated administrative user to perform user deletion actions without their consent. The application's user deletion endpoint e.g.,...
SourceCodester Survey Application System Security Vulnerability
SourceCodester Survey Application System is an open source survey application system from SourceCodester. A security vulnerability exists in SourceCodester Survey Application System version 1.0, which stems from an incorrect manipulation of the parameter fullname in the file /LoginRegistration.ph...
PT-2025-45590
A weakness has been identified in SourceCodester Farm Management System 1.0. The affected element is an unknown function of the file /review.php. This manipulation of the argument pid causes SQL injection. Remote exploitation of the attack is possible. The exploit has been made available to the...
CVE-2025-63709
A Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Simple To-Do List System 1.0 in the "Add Tasks" text input. An authenticated user can submit HTML/JavaScript that is not correctly sanitized or encoded on output. The injected script is stored and later rendered in the browser of a...
SourceCodester Food Ordering System Security Vulnerability
SourceCodester Food Ordering System is an open source food ordering system from SourceCodester. A security vulnerability exists in SourceCodester Food Ordering System version 1.0, which stems from an incorrect manipulation of the parameter ID in the file /view-ticket.php, which could lead to a SQ...
SourceCodester Food Ordering System SQL Injection Vulnerability
SourceCodester Food Ordering System is a SourceCodester open source food ordering system. A SQL injection vulnerability exists in SourceCodester Food Ordering System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /routers/edit-orders.php, which could lead to ...
PT-2025-46162
Name of the Vulnerable Software and Affected Versions: SourceCodester Client Database Management System version 1.0. Description: A Cross-Site Request Forgery (CSRF) issue exists in the application, potentially allowing an attacker to cause an authenticated administrative user to perform actions witho...
SourceCodester Food Ordering System SQL Injection Vulnerability
SourceCodester Food Ordering System is a SourceCodester open source food ordering system. A SQL injection vulnerability exists in SourceCodester Food Ordering System version 1.0, which stems from incorrect manipulation of the parameter msgid in the file /admin.php?id=inbox, which can lead to SQL...
SourceCodester Farm Management System SQL Injection Vulnerability
SourceCodester Farm Management System is a SourceCodester open source farm management system. A SQL injection vulnerability exists in SourceCodester Farm Management System version 1.0, which stems from an incorrect manipulation of the parameter pid in the file /review.php, which could lead to a S...
SourceCodester Simple To-Do List System Security Vulnerability
SourceCodester Simple To-Do List System is an open source simple to-do list system from SourceCodester. A security vulnerability exists in SourceCodester Simple To-Do List System version 1.0, which stems from the Add Tasks text input not being properly sanitized or encoded on output, which could...
SourceCodester Client Database Management System Security Vulnerability
SourceCodester Client Database Management System is an open source client database management system from SourceCodester. A security vulnerability exists in the SourceCodester Client Database Management System version 1.0, which stems from a lack of authentication and authorization checks and...
SourceCodester Interview Management System SQL Injection Vulnerability
SourceCodester Interview Management System is a SourceCodester open source interview management system. SourceCodester Interview Management System 1.0 and earlier versions have a SQL injection vulnerability that stems from incorrect manipulation of the parameter candName in the file...
PT-2025-45596
Name of the Vulnerable Software and Affected Versions: SourceCodester Survey Application System version 1.0. Description: A flaw exists in the SourceCodester Survey Application System that allows for SQL injection. This occurs through manipulation of the fullname argument within the save user/update...
PT-2025-45603
A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions=welcome. Such manipulation of the argument roleid leads to SQL injection. The attack can be launched remotely. The exploit is publicly available and...
PT-2025-46161
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Public Chat Room version 1.0. Description: The application lacks CSRF-protection mechanisms like tokens, nonces, or same-site cookie restrictions. An attacker can create a malicious HTML page that, when visited by an...
SourceCodester Baby Care System SQL Injection Vulnerability
SourceCodester Baby Care System is a SourceCodester open source application. It provides a baby care system. A SQL injection vulnerability exists in SourceCodester Baby Care System version 1.0, which stems from incorrect manipulation of the parameter roleid in the file /updatewelcome.php, which...