Lucene search
K

47 matches found

EUVD
EUVD
added 2026/03/27 6:31 p.m.5 views

EUVD-2026-16700

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0. The vulnerability is located in the viewstockavailability.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6AI score0.00266EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/27 6:31 p.m.5 views

EUVD-2026-16704

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0 in the viewcategory.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6AI score0.00266EPSS
Exploits1References2
NVD
NVD
added 2026/03/27 6:16 p.m.4 views

CVE-2026-30568

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in in the viewpurchase.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

4.8CVSS0.00241EPSS
Exploits1References1
NVD
NVD
added 2026/03/27 5:16 p.m.5 views

CVE-2026-30571

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewcategory.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6.1CVSS0.00266EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/27 12:0 a.m.26 views

CVE-2026-30567

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewproduct.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

0.00271EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/27 12:0 a.m.3 views

CVE-2026-30570

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewsales.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6.1CVSS6AI score0.00266EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/27 12:0 a.m.3 views

CVE-2026-30567

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewproduct.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6.1CVSS6AI score0.00271EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/27 12:0 a.m.2 views

CVE-2026-30568

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in in the viewpurchase.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

4.8CVSS6AI score0.00241EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.5 views

PT-2026-28409

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0 in in the view purchase.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

4.8CVSS6AI score0.00241EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/27 12:0 a.m.3 views

CVE-2026-30568

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in in the viewpurchase.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6AI score0.00241EPSS
Exploits1References1
CVE
CVE
added 2026/03/27 12:0 a.m.7 views

CVE-2026-30571

CVE-2026-30571 affects SourceCodester Sales and Inventory System 1.0, specifically the view_category.php file where the limit parameter is not sanitized, enabling a reflected XSS. An attacker can craft a URL to inject arbitrary web script/HTML, which would execute in a victim’s browser. The explo...

6.1CVSS6AI score0.00266EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/03/27 12:0 a.m.8 views

CVE-2026-30568

CVE-2026-30568 describes a reflected XSS in SourceCodester Sales and Inventory System 1.0, arising from the view_purchase.php file via the limiter parameter. The input is not properly sanitized, enabling arbitrary script/HTML injection when a crafted URL is accessed. Connected sources consistentl...

4.8CVSS6AI score0.00241EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/03/27 12:0 a.m.14 views

CVE-2026-30570

CVE-2026-30570 affects SourceCodester Sales and Inventory System 1.0. The vulnerability is a Reflected Cross-Site Scripting (XSS) in view_sales.php via the limit parameter, where input is not sanitized, allowing remote attackers to inject arbitrary web scripts or HTML through a crafted URL. Conne...

6.1CVSS6AI score0.00266EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 9:25 a.m.5 views

CVE-2023-4199

A vulnerability, which was classified as critical, was found in SourceCodester Inventory Management System 1.0. This affects an unknown part of the file catagorydata.php. The manipulation of the argument columns1data leads to sql injection. It is possible to initiate the attack remotely. The...

7.5CVSS7.9AI score0.00533EPSS
Exploits1References1
CVE
CVE
added 2025/11/23 7:2 p.m.11 views

CVE-2025-13565

CVE-2025-13565 affects SourceCodester Inventory Management System 1.0. The weakness is in /model/user/resetPassword.php, where manipulation of an unknown function can enable weak password recovery. The vulnerability is exploitable remotely and a public exploit exists. Impact is indicated as weak ...

9.1CVSS6.3AI score0.00414EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/10/11 6:2 p.m.11 views

CVE-2025-11610 SourceCodester Simple Inventory System brand.php sql injection

A security flaw has been discovered in SourceCodester Simple Inventory System 1.0. This issue affects some unknown processing of the file /brand.php. The manipulation of the argument editBrandName results in sql injection. The attack can be executed remotely. The exploit has been released to the...

6.5CVSS0.00309EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-54297

Malicious code in bioql PyPI...

9.8CVSS7AI score0.00596EPSS
Exploits0References3
OSV
OSV
added 2024/07/17 4:15 p.m.4 views

CVE-2024-6830

A vulnerability, which was classified as critical, was found in SourceCodester Simple Inventory Management System 1.0. Affected is an unknown function of the file action.php of the component Order Handler. The manipulation of the argument orderid leads to sql injection. It is possible to launch t...

7.5CVSS5.6AI score0.00446EPSS
Exploits1References4
NVD
NVD
added 2024/05/19 12:15 p.m.19 views

CVE-2024-5100

A vulnerability was found in SourceCodester Simple Inventory System 1.0. It has been classified as critical. This affects an unknown part of the file tableedit.php. The manipulation of the argument from/to leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

6.5CVSS6.8AI score0.0049EPSS
Exploits1References4
OSV
OSV
added 2024/05/19 8:15 a.m.5 views

CVE-2024-5099

A vulnerability was found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file updateprice.php. The manipulation of the argument ITEM leads to sql injection. The attack may be launched remotely. The exploit has...

6.5CVSS5.8AI score0.0049EPSS
Exploits1References4
Rows per page
Query Builder