PT-2025-41459

Name of the Vulnerable Software and Affected Versions SourceCodester Pet Grooming Management Software version 1.0 Description The software is susceptible to SQL Injection in the 'admin/view customer.php' file through the ID parameter. This allows for potential unauthorized access or modification ...

CVE-2025-60316

SourceCodester Pet Grooming Management Software 1.0 is vulnerable to SQL Injection in admin/viewcustomer.php via the ID parameter...

SourceCodester Pet Grooming Management Software 安全漏洞

SourceCodester Pet Grooming Management Software is an open source pet grooming management system from SourceCodester. A security vulnerability exists in SourceCodester Pet Grooming Management Software version 1.0, which originates from improper handling of the parameter ID in the...

CVE-2025-11405

A vulnerability was identified in SourceCodester Hotel and Lodge Management System 1.0. This vulnerability affects unknown code of the file /deltax.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be...

CVE-2025-11401

A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected is an unknown function of the file /pages/savecurr.php. This manipulation of the argument currcode causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and ma...

CVE-2025-11487

A security flaw has been discovered in SourceCodester Farm Management System 1.0. Affected by this issue is some unknown functionality of the file /uploadProduct.php. Performing manipulation of the argument Type results in sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-11487 SourceCodester Farm Management System uploadProduct.php sql injection

A security flaw has been discovered in SourceCodester Farm Management System 1.0. Affected by this issue is some unknown functionality of the file /uploadProduct.php. Performing manipulation of the argument Type results in sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-11487

The CVE-2025-11487 entry concerns SourceCodester Farm Management System 1.0. Affected is the code path in /uploadProduct.php where manipulating the Type argument triggers an SQL injection. Multiple sources confirm remote exploit potential and that an exploit has been released publicly. The connec...

CVE-2025-11487 SourceCodester Farm Management System uploadProduct.php sql injection

A security flaw has been discovered in SourceCodester Farm Management System 1.0. Affected by this issue is some unknown functionality of the file /uploadProduct.php. Performing manipulation of the argument Type results in sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-11485

A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function adduser of the file /admin.php of the component Manage Users Page. This manipulation of the argument firstname/lastname causes cross site scripting. The attack can be initiated remotely...

CVE-2025-11485

A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function adduser of the file /admin.php of the component Manage Users Page. This manipulation of the argument firstname/lastname causes cross site scripting. The attack can be initiated remotely...

EUVD-2025-33303

A vulnerability was identified in SourceCodester Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /buyNow.php. Such manipulation of the argument Name leads to sql injection. The attack can be launched remotely. The exploit is publicly available an...

CVE-2025-11486

CVE-2025-11486 affects SourceCodester Farm Management System 1.0. The vulnerability is in the /buyNow.php file, where manipulation of the Name parameter enables a SQL injection. It is described as remotely exploitable, with a publicly available exploit. The Red Hat/NVD/CVE records and related fee...

CVE-2025-11485 SourceCodester Student Grades Management System Manage Users admin.php add_user cross site scripting

A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function adduser of the file /admin.php of the component Manage Users Page. This manipulation of the argument firstname/lastname causes cross site scripting. The attack can be initiated remotely...

CVE-2025-11485 SourceCodester Student Grades Management System Manage Users admin.php add_user cross site scripting

A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function adduser of the file /admin.php of the component Manage Users Page. This manipulation of the argument firstname/lastname causes cross site scripting. The attack can be initiated remotely...

CVE-2025-11485

CVE-2025-11485 affects SourceCodester Student Grades Management System 1.0, specifically the add_user function in /admin.php within the Manage Users Page. The vulnerability arises from manipulating the first_name/last_name parameters, enabling cross-site scripting (XSS). The issue can be exploite...

CVE-2025-11399

A security vulnerability has been detected in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /pages/saveroom.php. The manipulation of the argument floorno leads to sql injection. Remote exploitation of the attack is possible. The exploit has bee...

CVE-2025-11398

A weakness has been identified in SourceCodester Hotel and Lodge Management System 1.0. The impacted element is an unknown function of the file /profile.php of the component Profile Page. Executing manipulation of the argument image can lead to unrestricted upload. The attack may be launched...

CVE-2025-11400

A vulnerability was detected in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /delroom.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now public and may be used...

CVE-2025-60313

Sourcecodester Link Status Checker 1.0 is vulnerable to a Cross-Site Scripting XSS in the Enter URLs to check input field. This allows a remote attacker to execute arbitrary code...