935 matches found
CVE-2026-36937
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/reservations/viewdetails.php...
CVE-2026-36942
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in the file /orms/admin/activities/manageactivity.php...
CVE-2026-36919
CVE-2026-36919 affects Sourcecodester Online Reviewer System v1.0. The vulnerability is a SQL Injection in the file /system/system/admins/assessments/examproper/exam-update.php. The available records confirm the impact is SQL injection but do not provide patch details or specific vulnerable param...
CVE-2026-36937
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/reservations/viewdetails.php...
CVE-2026-36941
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL Injection in the file /orms/admin/rooms/manageroom.php...
CVE-2026-5811
A vulnerability was identified in SourceCodester Online Food Ordering System 1.0. Affected by this issue is the function saveproduct of the file /Actions.php of the component POST Parameter Handler. Such manipulation of the argument price leads to business logic errors. The attack may be performe...
CVE-2026-5811
A vulnerability was identified in SourceCodester Online Food Ordering System 1.0. Affected by this issue is the function saveproduct of the file /Actions.php of the component POST Parameter Handler. Such manipulation of the argument price leads to business logic errors. The attack may be performe...
CVE-2026-4973
A vulnerability was detected in SourceCodester Online Quiz System up to 1.0. Affected by this vulnerability is an unknown functionality of the file endpoint/add-question.php. Performing a manipulation of the argument quizquestion results in cross site scripting. It is possible to initiate the...
CVE-2026-30533
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manageproduct.php file via the "id" parameter...
EUVD-2026-16680
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/viewproduct.php file via the "id" parameter...
CVE-2026-30534
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...
CVE-2026-30529
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the saveuser action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious S...
CVE-2026-30530
SourceCodester Online Food Ordering System v1.0 is affected. In Actions.php, the save_customer action fails to sanitize the username parameter, enabling a SQL Injection due to improper input handling in user-supplied data. This could allow an attacker to inject arbitrary SQL commands through the ...
PT-2026-28403
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the save customer action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an attacker to inject malicious SQL comman...
PT-2026-28406
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manage product.php file via the "id" parameter...
CVE-2026-30533
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manageproduct.php file via the "id" parameter...
CVE-2026-30529
CVE-2026-30529 affects SourceCodester Online Food Ordering System v1.0, specifically in Actions.php (save_user action). The vulnerability arises from improper sanitization of the username parameter, enabling an authenticated attacker to inject malicious SQL commands. Connected sources confirm the...
CVE-2026-30534
SourceCodester Online Food Ordering System v1.0 is affected by a SQL Injection in admin/manage_category.php via the id parameter. The CVE entry provides no vendor-specific remediation in the connected docs; CVSS v3.1 base score is 8.3 (HIGH) with network attack vector, low attack complexity, priv...
CVE-2026-30533
CVE-2026-30533 targets SourceCodester Online Food Ordering System v1.0. The vulnerability is a SQL Injection in admin/manage_product.php via the id parameter. Reported metrics show CVSS v3.1 base score 9.8 (CRITICAL, NETWORK vector, no user interaction). Affected component: admin/manage_product.p...
CVE-2026-30529
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the saveuser action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious S...