269 matches found
EUVD-2026-33645
A vulnerability was found in SourceCodester Computer Repair Shop Management System up to 1.0. Affected is an unknown function of the file /admin/products/manageproduct.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made...
CVE-2026-10237 SourceCodester Water Billing Management System User Management manage_user sql injection
A vulnerability was found in SourceCodester Water Billing Management System 1.0. Impacted is an unknown function of the file /admin/?page=user/manageuser of the component User Management Module. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the atta...
CVE-2026-37602
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/user/manageuser.php...
PT-2026-32637
CVE-2026-37596 SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh attendance/admin/manage department.php. https://t.co/mauoyzh46T...
CVE-2026-30533
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manageproduct.php file via the "id" parameter...
EUVD-2026-16684
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...
CVE-2026-30534
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...
CVE-2026-30533
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manageproduct.php file via the "id" parameter...
CVE-2026-30534
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...
CVE-2026-30534
SourceCodester Online Food Ordering System v1.0 is affected by a SQL Injection in admin/manage_category.php via the id parameter. The CVE entry provides no vendor-specific remediation in the connected docs; CVSS v3.1 base score is 8.3 (HIGH) with network attack vector, low attack complexity, priv...
CVE-2026-30533
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manageproduct.php file via the "id" parameter...
PT-2026-28406
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manage product.php file via the "id" parameter...
CVE-2026-30534
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...
CVE-2026-30533
CVE-2026-30533 targets SourceCodester Online Food Ordering System v1.0. The vulnerability is a SQL Injection in admin/manage_product.php via the id parameter. Reported metrics show CVSS v3.1 base score 9.8 (CRITICAL, NETWORK vector, no user interaction). Affected component: admin/manage_product.p...
CVE-2026-30534
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...
CVE-2026-30533
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manageproduct.php file via the "id" parameter...
EUVD-2026-9005
A flaw was found in Keycloak. An administrator with manage-users permission can bypass the "Only administrators can view" setting for unmanaged attributes, allowing them to modify these attributes. This improper access control can lead to unauthorized changes to user profiles, even when the syste...
CVE-2026-2689
A vulnerability was detected in itsourcecode Event Management System 1.0. Affected is an unknown function of the file /admin/managebooking.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...
CVE-2026-2691
A vulnerability has been found in itsourcecode Event Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/manageregister.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-2689
CVE-2026-2689 affects itsourcecode Event Management System 1.0. A vulnerability in the /admin/manage_booking.php file allows manipulation of the ID parameter to trigger SQL injection. Exploitation is remote-capable and publicly available, indicating practical risk for affected deployments. Multip...