CVE-2026-9355

CVE-2026-9355 affects SourceCodester Hospitals Patient Records Management System 1.0. The vulnerability is a SQL injection in the function handling /classes/Master.php?f=save_patient_history, triggered by manipulation of the ID argument. This allows remote exploitation and an exploit has been pub...

CVE-2026-6573

A vulnerability was detected in PHPEMS 11.0. This affects the function temppage of the file /app/exam/controller/exams.master.php of the component Instant Exam Creation Handler. The manipulation of the argument uploadfile results in server-side request forgery. The attack can be executed remotely...

CVE-2026-26885

CVE-2026-26885 affects the Sourcecodester Online Men's Salon Management System v1.0. The vulnerability is an SQL Injection in the endpoint /classes/Master.php?f=delete_service, caused by unsafe SQL handling in the related function. The impact is described as low with no user interaction required,...

CVE-2026-26885

Sourcecodester Online Men's Salon Management System v1.0 is vulnerable to SQL Injection in /classes/Master.php?f=deleteservice...

CVE-2026-2160 SourceCodester Simple Responsive Tourism Website Master.php cross site scripting

A vulnerability has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /tourism/classes/Master.php?f=savepackage. The manipulation of the argument Title leads to cross site scripting. The attack can be initiat...

CVE-2026-2159 SourceCodester Simple Responsive Tourism Website Registration Master.php cross site scripting

A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected is an unknown function of the file /tourism/classes/Master.php?f=register of the component Registration. Executing a manipulation of the argument firstname/lastname/username can lead to cross site scripting. I...

Simple Responsive Tourism Website 代码注入漏洞

Simple Responsive Tourism Website is a simple responsive tourism website. Version 1.0 of Simple Responsive Tourism Website has a code injection vulnerability. This vulnerability stems from incorrect handling of the parameters firstname, lastname, and username in the...

CVE-2023-0962

A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been declared as critical. This vulnerability affects unknown code of the file Master.php of the component GET Request Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated...

CVE-2023-2293

A vulnerability was found in SourceCodester Purchase Order Management System 1.0. It has been classified as problematic. This affects an unknown part of the file classes/Master.php?f=saveitem. The manipulation of the argument description with the input leads to cross site scripting. It is possibl...

CVE-2023-1593

A vulnerability, which was classified as problematic, has been found in SourceCodester Automatic Question Paper Generator System 1.0. This issue affects some unknown processing of the file classes/Master.php?f=saveclass. The manipulation of the argument description leads to cross site scripting...

CVE-2023-1771

A vulnerability was found in SourceCodester Grade Point Average GPA Calculator 1.0 and classified as problematic. Affected by this issue is the function getscale of the file Master.php. The manipulation of the argument perc leads to cross site scripting. The attack may be launched remotely. The...

CVE-2022-40935

Online Pet Shop We App v1.0 is vulnerable to SQL Injection via /petshop/classes/Master.php?f=deletecategory,id...

CVE-2024-8949

A vulnerability classified as critical has been found in SourceCodester Online Eyewear Shop 1.0. This affects an unknown part of the file /classes/Master.php of the component Cart Content Handler. The manipulation of the argument cartid/id leads to improper ownership management. It is possible to...

Music Gallery Site SQL注入漏洞

Music Gallery Site is a music gallery site by the individual developer Carlo Montero. A SQL injection vulnerability exists in Music Gallery Site version 1.0, which stems from an unknown function in the file /php-music/classes/Master.php?f=deletemusic, where manipulation of the parameter id can le...

CVE-2024-7669

A vulnerability was found in SourceCodester Car Driving School Management System 1.0 and classified as critical. This issue affects the function deleteenrollment of the file Master.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit h...

CVE-2024-34479

SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection...

PT-2024-38059 · Sourcecodester · Sourcecodester Employee/Visitor Gate Pass Logging System

Name of the Vulnerable Software and Affected Versions: SourceCodester Employee and Visitor Gate Pass Logging System version 1.0 Description: A critical issue has been found in the processing of the file /employee gatepass/classes/Master.php?f=delete department, where the manipulation of the id...

PT-2024-37829 · Unknown · Sourcecodester Student Study Center Desk Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Student Study Center Desk Management System version 1.0 Description: A critical issue has been discovered, affecting an unknown part of the file /Master.php?f=save student. The manipulation of the id argument leads to SQL...

CVE-2024-6650

A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this issue is the function savedesignation of the file /classes/Master.php. The manipulation leads to cross site scripting. The attack may be launched remotely...

CVE-2024-35357

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=deleteitem. Manipulating the argument id can result in SQL injection...