CVE-2022-2736

A vulnerability was found in SourceCodester Company Website CMS. It has been classified as critical. This affects an unknown part of the file /dashboard/updatelogo.php of the component Background Upload Logo Icon. The manipulation of the argument xfile/ufile leads to unrestricted upload. It is...

CVE-2021-25197

Cross-site scripting XSS vulnerability in SourceCodester Content Management System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter to contentmanagementsystem\admin\newcontent.php...

CVE-2025-29708

SourceCodester Company Website CMS 1.0 contains a file upload vulnerability via the "Create Services" file /dashboard/Services...

PT-2025-16891 · Sourcecodester · Sourcecodester Company Website Cms

Name of the Vulnerable Software and Affected Versions: SourceCodester Company Website CMS version 1.0 Description: The issue concerns a file upload vulnerability via the "Create Services" file. This vulnerability can be exploited through the "/dashboard/Services" API endpoint. The Create Services...

CVE-2025-29709

SourceCodester Company Website CMS 1.0 has a File upload vulnerability via the "Create portfolio" file /dashboard/portfolio...

CVE-2025-29708

SourceCodester Company Website CMS 1.0 contains a file upload vulnerability via the "Create Services" file /dashboard/Services...

CVE-2025-29709

SourceCodester Company Website CMS 1.0 has a File upload vulnerability via the "Create portfolio" file /dashboard/portfolio...

PT-2025-16893 · Sourcecodester · Sourcecodester Company Website Cms

Name of the Vulnerable Software and Affected Versions: SourceCodester Company Website CMS version 1.0 Description: The issue is related to Cross Site Scripting XSS via the /dashboard/Services API endpoint. This allows for potential malicious script injection. No information is provided about the...

PT-2025-16892 · Sourcecodester · Sourcecodester Company Website Cms

Name of the Vulnerable Software and Affected Versions: SourceCodester Company Website CMS version 1.0 Description: The issue is a File upload vulnerability via the "Create portfolio" file /dashboard/portfolio. This vulnerability allows for unauthorized file uploads, potentially leading to securit...

CVE-2025-29710

CVE-2025-29710 - SourceCodester Company Website CMS 1.0 suffers a Cross Site Scripting (XSS) vulnerability in the /dashboard/Services API endpoint. The PT-2025-16893 entry specifies that the issue is related to the /dashboard/Services endpoint and allows potential malicious script injection, affe...

CVE-2025-29708

CVE-2025-29708 affects SourceCodester Company Website CMS 1.0. The vulnerability is a file upload flaw in the Create Services endpoint (/dashboard/Services) that could allow arbitrary file uploads due to improper validation. CVSS v3.1 base score 9.8 (network access, no authentication, user intera...

CVE-2025-29709

The CVE-2025-29709 entry concerns SourceCodester Company Website CMS 1.0, where the file upload feature under the Create portfolio path (/dashboard/portfolio) is vulnerable. The root cause is improper validation of uploaded files, enabling arbitrary file uploads. Documented impact indicates poten...

CVE-2023-5919

A vulnerability was found in SourceCodester Company Website CMS 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /dashboard/createblog of the component Create Blog Page. The manipulation leads to unrestricted upload. The attack may be launched...

CVE-2023-5919 SourceCodester Company Website CMS Create Blog Page createblog unrestricted upload

A vulnerability was found in SourceCodester Company Website CMS 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /dashboard/createblog of the component Create Blog Page. The manipulation leads to unrestricted upload. The attack may be launched...

CVE-2022-2769

A vulnerability, which was classified as problematic, has been found in SourceCodester Company Website CMS. This issue affects some unknown processing of the file /dashboard/contact. The manipulation of the argument phone leads to cross site scripting. The attack may be initiated remotely. The...

CVE-2022-2769 SourceCodester Company Website CMS contact cross site scripting

A vulnerability, which was classified as problematic, has been found in SourceCodester Company Website CMS. This issue affects some unknown processing of the file /dashboard/contact. The manipulation of the argument phone leads to cross site scripting. The attack may be initiated remotely. The...

CVE-2022-2765

A vulnerability was found in SourceCodester Company Website CMS 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard/settings. The manipulation leads to improper authentication. The attack can be launched remotely. The exploit ha...

CVE-2022-2751

A vulnerability was found in SourceCodester Company Website CMS and classified as critical. Affected by this issue is some unknown functionality of the file /dashboard/add-portfolio.php. The manipulation of the argument ufile leads to unrestricted upload. The attack may be launched remotely. The...

CVE-2022-2740

A vulnerability was found in SourceCodester Company Website CMS. It has been declared as critical. This vulnerability affects unknown code of the file /dashboard/add-blog.php of the component Add Blog. The manipulation of the argument ufile leads to unrestricted upload. The attack can be initiate...

Design/Logic Flaw

A vulnerability was found in SourceCodester Company Website CMS. It has been classified as critical. This affects an unknown part of the file /dashboard/updatelogo.php of the component Background Upload Logo Icon. The manipulation of the argument xfile/ufile leads to unrestricted upload. It is...