20 matches found
CVE-2026-12529
A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. Affected is an unknown function of the file /index.php of the component Student Self-Registration Endpoint. The manipulation leads to improper access controls. Remote...
CVE-2026-37346
SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/viewaccount.php?empid=...
PT-2026-33331
Name of the Vulnerable Software and Affected Versions: SourceCodester Vehicle Parking Area Management System version 1.0 Description: An issue exists in the file '/parking/manage category.php' that allows for SQL Injection, a technique where malicious SQL statements are inserted into entry fields f...
CVE-2026-37597
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/attendance_list.php. The root cause is unsafe SQL query handling, enabling potential data leakage or modification. The CVSS metrics indicate a low severity (Base ...
EUVD-2026-21979
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL Injection in the file /orms/admin/rooms/manageroom.php...
SourceCodester Online Food Ordering System security vulnerability
The SourceCodester Online Food Ordering System is an open-source online ordering system developed by SourceCodester. Version 1.0 of the SourceCodester Online Food Ordering System has a security vulnerability. This vulnerability arises from the fact that the category management module on the...
PT-2026-23957
Name of the Vulnerable Software and Affected Versions: SourceCodester Employee Task Management System version 1.0 Description: A SQL injection issue exists in the GET Parameter Handler component of the software, specifically within the file '/daily-attendance-report.php'. The Date parameter is...
CVE-2025-63639
The chat feature in the application Sourcecodester FAQ Bot with AI Assistant v1.0 is vulnerable to Cross-Site Scripting (XSS) due to improper handling of user-supplied input. An attacker can inject malicious HTML or JavaScript into chat messages, which executes in the browser of any user viewing th...
CVE-2025-9022 SourceCodester Online Bank Management System statements.php sql injection
A vulnerability was identified in SourceCodester Online Bank Management System up to 1.0. This issue affects some unknown processing of the file /bank/statements.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely...
CVE-2025-8987 SourceCodester COVID 19 Testing Management System test-details.php sql injection
A vulnerability was identified in SourceCodester COVID 19 Testing Management System 1.0. This affects an unknown part of the file /test-details.php. The manipulation of the argument remark leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to th...
CVE-2025-8953
CVE-2025-8953 affects SourceCodester COVID 19 Testing Management System 1.0. The vulnerability is a SQL injection in the file /check_availability.php caused by manipulation of the employeeid parameter, with remote exploitable access and a publicly disclosed exploit. Multiple trusted sources corro...
CVE-2024-9039
A vulnerability, which was classified as critical, has been found in SourceCodester Best House Rental Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=signup. The manipulation of the argument firstname/lastname/email leads to sql injection...
SourceCodester Best House Rental Management System SQL injection vulnerability
SourceCodester Best House Rental Management System is a house rental management system from SourceCodester. A SQL injection vulnerability exists in SourceCodester Best House Rental Management System version 1.0, which originates from the deleteuser/saveuser function in the /adminclass.php file,...
CVE-2024-7284
A vulnerability, which was classified as problematic, was found in SourceCodester Lot Reservation Management System 1.0. This affects an unknown part of the file /admin/ajax.php?action=savesettings. The manipulation of the argument about leads to cross site scripting. It is possible to initiate t...
CVE-2023-6462
A vulnerability, which was classified as problematic, was found in SourceCodester User Registration and Login System 1.0. Affected is an unknown function of the file /endpoint/delete-user.php. The manipulation of the argument user leads to cross site scripting. It is possible to launch the attack...
The vulnerability of the admin/?page=items/view_item component in the Web Application SourceCodester Lost and Found Information System allows a malicious user to execute arbitrary SQL queries.
The vulnerability of the “admin/?page=items/viewitem” component in the Web application of the SourceCodester Lost and Found Information System is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker who operates remotely to execu...
Online Jewelry Store cross-site scripting vulnerability
Online Jewelry Store is an online jewelry store for janobe individual developers. A cross-site scripting vulnerability exists in SourceCodester Online Jewelry Store version 1.0, which stems from a problem in the customer.php file and can be exploited by an attacker to conduct a cross-site scripti...
PT-2023-20699 · Sourcecodester · Sourcecodester Lost/Found Information System
Name of the Vulnerable Software and Affected Versions: SourceCodester Lost and Found Information System version 1.0 Description: A critical issue has been discovered, affecting an unknown function of the file /classes/Master.php?f=delete item. This issue leads to sql injection and can be exploite...
Simple and Beautiful Shopping Cart System SQL injection vulnerability
Simple and Beautiful Shopping Cart System is an e-commerce platform. A SQL injection vulnerability exists in SourceCodester Simple and Beautiful Shopping Cart System version 1.0, which stems from a problem in the file login.php, where manipulation of the parameters username/password can lead to s...
Sourcecodester Simple College Website SQL injection vulnerability
Sourcecodester Simple College Website is a Sourcecodester open source application. A content management system, Sourcecodester Simple College Website is vulnerable to a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attack...