Lucene search
K

477 matches found

EUVD
EUVD
added 2026/04/14 3:30 p.m.5 views

EUVD-2026-22266

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfhattendance/admin/managedepartment.php...

2.7CVSS5.9AI score0.0019EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/14 3:30 p.m.4 views

EUVD-2026-22264

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfhattendance/admin/manageemployee.php...

2.7CVSS5.9AI score0.00186EPSS
Exploits0References2
NVD
NVD
added 2026/04/14 3:16 p.m.3 views

CVE-2026-37597

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfhattendance/admin/attendancelist.php...

2.7CVSS0.00186EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/14 12:0 a.m.8 views

CVE-2026-37594

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfhattendance/admin/viewemployee.php...

5.9AI score0.0019EPSS
Exploits0References2
CVE
CVE
added 2026/04/14 12:0 a.m.8 views

CVE-2026-37601

SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manage_appointment.php. The CVE notes a database-query flaw exploitable via that PHP endpoint, but no specific impact, affected version ranges beyond v1.0, or concrete...

2.7CVSS5.9AI score0.0019EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.7 views

SourceCodester Computer and Mobile Repair Shop Management system 安全漏洞

The SourceCodester Computer and Mobile Repair Shop Management system is a simple PHP project open source by SourceCodester. It provides a website that displays information about the store. This project also manages customers’ repair records; if their devices have been repaired or serviced,...

2.7CVSS5.9AI score0.0019EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/02 12:31 p.m.8 views

EUVD-2026-18188

A vulnerability was identified in SourceCodester Leave Application System 1.0. Impacted is an unknown function of the file /index.php?page=manageuser of the component User Information Handler. Such manipulation of the argument ID leads to authorization bypass. The attack can be executed remotely...

6.9CVSS5.7AI score0.00404EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/04/01 5:0 a.m.4 views

CVE-2026-5181

A vulnerability has been found in SourceCodester Simple Doctors Appointment System up to 1.0. This issue affects some unknown processing of the file /doctorsappointment/admin/ajax.php?action=savecategory. Such manipulation of the argument img leads to unrestricted upload. The attack may be...

6.5CVSS6.2AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/01 5:0 a.m.5 views

CVE-2026-5180

A flaw has been found in SourceCodester Simple Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=login2. This manipulation of the argument email causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

7.5CVSS6.9AI score0.00325EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/01 12:0 a.m.3 views

CVE-2026-30522

A Business Logic vulnerability exists in SourceCodester Loan Management System v1.0 due to improper server-side validation. The application allows administrators to create "Loan Plans" with specific penalty rates for overdue payments. While the frontend interface prevents users from entering...

6AI score0.00255EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.8 views

PT-2026-29326

Name of the Vulnerable Software and Affected Versions SourceCodester Leave Application System version 1.0 Description A security issue exists in the User Management Handler component of SourceCodester Leave Application System. This issue allows for cross site scripting, potentially enabling remot...

4.8CVSS5.3AI score0.00253EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.4 views

PT-2026-29041

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add sales.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML...

6AI score0.00266EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/30 12:0 a.m.2 views

CVE-2026-30564

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewpayments.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6.1CVSS6AI score0.00205EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.6 views

PT-2026-29042

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add supplier.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6AI score0.00252EPSS
Exploits1References2
NVD
NVD
added 2026/03/27 8:16 p.m.4 views

CVE-2026-4971

A weakness has been identified in SourceCodester Note Taking App up to 1.0. This impacts an unknown function. This manipulation causes cross-site request forgery. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks...

5.3CVSS0.00155EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/27 6:31 p.m.3 views

EUVD-2026-16702

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0 in the viewsales.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6AI score0.00266EPSS
Exploits1References2
NVD
NVD
added 2026/03/27 6:16 p.m.3 views

CVE-2026-4968

A vulnerability was determined in SourceCodester Diary App 1.0. The affected element is an unknown function of the file diary.php. Executing a manipulation can lead to cross-site request forgery. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized...

5.3CVSS0.00194EPSS
Exploits0References5
NVD
NVD
added 2026/03/27 5:16 p.m.9 views

CVE-2026-30569

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewstockavailability.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web...

6.1CVSS0.00266EPSS
Exploits1References1
CVE
CVE
added 2026/03/27 12:0 a.m.8 views

CVE-2026-30567

CVE-2026-30567 describes a reflected XSS in SourceCodester Sales and Inventory System 1.0, specifically in the view_product.php script via the input parameter “limit.” The root cause is lack of input sanitization, allowing an attacker to inject arbitrary script or HTML through a crafted URL. The ...

6.1CVSS6AI score0.00271EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/03/27 12:0 a.m.20 views

CVE-2026-30571

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewcategory.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

0.00266EPSS
Exploits1References1
Rows per page
Query Builder