Lucene search
K

469 matches found

EUVD
EUVD
added yesterday6 views

EUVD-2026-43282

A security flaw has been discovered in SourceCodester Online Book Store System 1.0. This vulnerability affects unknown code of the file admin/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit has been released to the...

7.5CVSS6.8AI score0.00263EPSS
Exploits0References7
NVD
NVD
added 5 days ago8 views

CVE-2026-15190

A vulnerability was detected in SourceCodester Simple and Nice Shopping Cart Script 1.0. This affects an unknown part of the file /login.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and m...

7.5CVSS0.00328EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/06 12:30 a.m.10 views

EUVD-2026-41791

A security flaw has been discovered in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this vulnerability is the function pathinfo of the file /uploadfiles.php of the component Filename Extension. Performing a manipulation results in unrestricted upload. Remote...

6.5CVSS5.6AI score0.00214EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/07/05 8:45 a.m.50 views

CVE-2026-14732 SourceCodester Class and Exam Timetabling System edit_exam.php sql injection

A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. This vulnerability affects unknown code of the file /editexam.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed...

7.5CVSS0.00263EPSS
Exploits0References6
NVD
NVD
added 2026/07/05 5:16 a.m.11 views

CVE-2026-14698

A security flaw has been discovered in SourceCodester Syllabus-Aligned Learning Management and Examination System 1.0. Impacted is an unknown function of the file uploadfiles.php. Performing a manipulation results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

6.5CVSS0.00209EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/05 2:45 a.m.33 views

CVE-2026-14695 SourceCodester Multi-Vendor Online Grocery Management System Registration Users.php save_client sql injection

A vulnerability was found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function saveclient of the file classes/Users.php of the component Registration Handler. The manipulation of the argument Name results in sql injection. It is possible to launch the...

7.5CVSS0.00263EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/05 2:30 a.m.38 views

CVE-2026-14694 SourceCodester Multi-Vendor Online Grocery Management System POST Parameter Master.php cancel_order sql injection

A vulnerability has been found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. Affected by this issue is the function cancelorder of the file classes/Master.php of the component POST Parameter Handler. The manipulation of the argument ID leads to sql injection. It is possible...

6.5CVSS0.002EPSS
Exploits0References6
CVE
CVE
added 2026/07/05 2:0 a.m.19 views

CVE-2026-14692

The CVE-2026-14692 entry concerns SourceCodester Multi-Vendor Online Grocery Management System 1.0/5.7.26 where the function save_shop_type in classes/Master.php (POST Parameter Handler) is vulnerable to SQL injection. The vulnerability can be exploited remotely, and the exploit is publicly avail...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
CVE
CVE
added 2026/07/05 1:30 a.m.21 views

CVE-2026-14690

Affected product: SourceCodester Multi-Vendor Online Grocery Management System 1.0. Vulnerable component: function save_users in classes/Users.php. Root cause: manipulation leads to improper authorization. Impact described: remote exploitation is possible and the exploit has been made publicly av...

7.5CVSS6.8AI score0.00288EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.9 views

PT-2026-55833

Name of the Vulnerable Software and Affected Versions SourceCodester Onlne Examination & Learning Management System version 1.0 Description An unrestricted upload flaw exists within the Filename Extension component. The issue resides in the pathinfo function of the /upload files.php endpoint, whe...

6.5CVSS6.8AI score0.00214EPSS
Exploits0References9
NVD
NVD
added 2026/07/04 9:17 p.m.8 views

CVE-2026-14652

A vulnerability was found in SourceCodester Simple and Nice Shopping Cart Script 1.0. This affects an unknown function of the file /admin/login.php of the component Admin Login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The exploit ha...

7.5CVSS0.00412EPSS
Exploits0References6
CVE
CVE
added 2026/06/29 1:30 p.m.13 views

CVE-2026-13571

The CVE-2026-13571 affects SourceCodester Simple Food Ordering System 1.0. A flaw in an unknown function in /cart.php allows manipulation of the item_price argument, leading to business logic errors. The vulnerability can be exploited remotely, and an exploit has been published. No remediation or...

6.9CVSS5.7AI score0.00383EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/28 9:45 a.m.8 views

EUVD-2026-39986

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0/6.php. This impacts an unknown function of the file /preview6.php. Executing a manipulation of the argument courseyearsection can lead to sql injection. The attack can be launched remotely. The exploit has been...

7.5CVSS7AI score0.00412EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/13 11:15 p.m.34 views

CVE-2026-12176 SourceCodester CET Automated Grading System with AI Predictive Analytics index.php cross site scripting

A vulnerability has been found in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. The impacted element is an unknown function of the file /index.php. The manipulation of the argument action leads to cross site scripting. The attack is possible to be carried out...

5.3CVSS0.00265EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 a.m.13 views

CVE-2026-11485

A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. Affected is an unknown function of the file /archive2.php. Such manipulation of the argument sy leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly...

7.5CVSS7AI score0.00275EPSS
Exploits0References1
NVD
NVD
added 2026/06/08 10:16 a.m.13 views

CVE-2026-11501

A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This issue affects some unknown processing of the file /classes/Master.php?f=savepatient. The manipulation of the argument ID results in sql injection. It is possible to launch the attack...

7.5CVSS0.00263EPSS
Exploits0References6
NVD
NVD
added 2026/06/08 5:16 a.m.18 views

CVE-2026-11483

A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /archive4.php. The manipulation of the argument sy results in sql injection. The attack can be launched remotely. The exploit has been released to the public a...

7.5CVSS0.00275EPSS
Exploits0References6
CVE
CVE
added 2026/06/08 3:30 a.m.31 views

CVE-2026-11484

SourceCodester Class and Exam Timetabling System 1.0 is affected by a SQL injection via the archive3.php file (argument sy). The vulnerability is exploitable remotely and reportedly has publicly available exploit code. The records do not specify the exact vulnerable function name beyond archive3....

7.5CVSS7AI score0.00275EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.10 views

CVE-2026-5812

A security flaw has been discovered in SourceCodester Pharmacy Product Management System 1.0. This affects an unknown part of the file add-sales.php of the component POST Parameter Handler. Performing a manipulation of the argument txtqty results in business logic errors. It is possible to initia...

5.5CVSS5.6AI score0.00241EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.15 views

CVE-2026-37595

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfhattendance/admin/manageemployee.php...

2.7CVSS5.7AI score0.00186EPSS
Exploits0References1
Rows per page
Query Builder