CVE-2026-3762

A vulnerability has been found in SourceCodester Client Database Management System 1.0/3.1. Impacted is an unknown function of the file /superadmindeletemanager.php of the component Endpoint. The manipulation of the argument managerid leads to improper authorization. It is possible to initiate th...

CVE-2026-3761 SourceCodester Client Database Management System Endpoint superadmin_user_delete.php improper authorization

A flaw has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /superadminuserdelete.php of the component Endpoint. Executing a manipulation of the argument userid can lead to improper authorization. The attack may be performe...

CVE-2026-3761

SourceCodester Client Database Management System 1.0 contains a flaw in the /superadmin_user_delete.php endpoint where manipulating the user_id parameter leads to improper authorization. The issue can be exploited remotely and the exploit has been published. Affects the described component; CVSS ...

CVE-2026-3761

A flaw has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /superadminuserdelete.php of the component Endpoint. Executing a manipulation of the argument userid can lead to improper authorization. The attack may be performe...

CVE-2026-3761 SourceCodester Client Database Management System Endpoint superadmin_user_delete.php improper authorization

A flaw has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /superadminuserdelete.php of the component Endpoint. Executing a manipulation of the argument userid can lead to improper authorization. The attack may be performe...

EUVD-2026-10256

A vulnerability has been found in SourceCodester Sales and Inventory System up to 1.0. The impacted element is an unknown function of the file /addsalesprint.php. Such manipulation of the argument sid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2026-3754

A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /addstock.php. Performing a manipulation of the argument cost results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used...

CVE-2026-3756

A vulnerability was identified in SourceCodester Sales and Inventory System up to 1.0. Affected is an unknown function of the file /checkitemdetails.php. The manipulation of the argument stockname1 leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and...

CVE-2026-3759 projectworlds Online Art Gallery Shop adminHome.php sql injection

A security vulnerability has been detected in projectworlds Online Art Gallery Shop 1.0. This affects an unknown part of the file /admin/adminHome.php. Such manipulation of the argument reachnm leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly an...

CVE-2026-3757 projectworlds Online Art Gallery Shop pass sql injection

A security flaw has been discovered in projectworlds Online Art Gallery Shop 1.0. Affected by this vulnerability is an unknown functionality of the file /?pass=1. The manipulation of the argument fnm results in sql injection. The attack may be launched remotely. The exploit has been released to t...

CVE-2026-3755 SourceCodester Sales and Inventory System POST check_customer_details.php sql injection

A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This impacts an unknown function of the file /checkcustomerdetails.php of the component POST Handler. Executing a manipulation of the argument stockname1 can lead to sql injection. The attack can be launched remotely...

CVE-2026-3755

CVE-2026-3755 affects SourceCodester Sales and Inventory System 1.0, specifically the POST Handler. The vulnerability is a SQL injection in the file /check_customer_details.php caused by manipulating the argument stock_name1 (also reported in variations like stock name1). It can be exploited remo...

CVE-2026-3754

CVE-2026-3754 affects SourceCodester Sales and Inventory System 1.0. The vulnerability is an SQL injection in the /add_stock.php module, triggered by manipulating the cost argument, with remote exploitation and a publicly available exploit. Multiple feeds consistently describe an unknown function...

CVE-2026-3752

A flaw has been found in SourceCodester Employee Task Management System up to 1.0. The affected element is an unknown function of the file /daily-task-report.php of the component GET Parameter Handler. This manipulation of the argument Date causes sql injection. It is possible to initiate the...

CVE-2026-3752 SourceCodester Employee Task Management System GET Parameter daily-task-report.php sql injection

A flaw has been found in SourceCodester Employee Task Management System up to 1.0. The affected element is an unknown function of the file /daily-task-report.php of the component GET Parameter Handler. This manipulation of the argument Date causes sql injection. It is possible to initiate the...

CVE-2026-3747

The CVE-2026-3747 entry concerns itsourcecode University Management System version 1.0. The vulnerability is an SQL injection in the file /add_result.php (subject parameter manipulation) that can be triggered remotely. Public exploitation is noted. Multiple sources corroborate impact on confident...

CVE-2026-3745

CVE-2026-3745 affects code-projects’ Student Web Portal 1.0. An unknown function in profile.php allows manipulation of the User argument, resulting in an SQL injection. The vulnerability is remotely exploitable and, per the sources, the exploit has been publicly disclosed. Affected impact is desc...

EUVD-2026-10247

A vulnerability has been found in code-projects Student Web Portal 1.0. This impacts the function valregpasswdation of the file signup.php. The manipulation of the argument regpasswd leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may...

EUVD-2026-10238

A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file SearchResultOneway.php. Such manipulation of the argument from leads to sql injection. The attack can be launched remotely. The exploit h...

EUVD-2026-10237

A flaw has been found in SourceCodester Client Database Management System 1.0. Affected is an unknown function of the file /fetchmanagerdetails.php of the component Endpoint. This manipulation of the argument managerid causes improper authorization. The attack can be initiated remotely. The explo...