CVE-2025-6875

A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-subscription.php. The manipulation of the argument editid leads to sql injection. The attack can be...

PT-2025-26831 · Unknown · Sourcecodester Best Pos Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Best Salon Management System version 1.0 Description: A critical issue was found in the software. It affects an unknown function of the file /panel/stock.php. The manipulation of the ID argument leads to SQL injection. This iss...

PT-2025-24048 · Sourcecodester · Sourcecodester Open Source Clinic Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Open Source Clinic Management System version 1.0 Description: A critical issue was found in the /manage website.php file, affecting unknown code. The manipulation of the website image argument leads to unrestricted upload. The...

PT-2025-23369 · Sourcecodester · Sourcecodester Php Display Username After Login

Name of the Vulnerable Software and Affected Versions: SourceCodester PHP Display Username After Login version 1.0 Description: A critical vulnerability has been found in the software. The issue affects an unknown function of the file /login.php. Manipulation of the Username argument leads to SQL...

CVE-2024-7662

A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been declared as problematic. This vulnerability affects the function savepackage of the file admin/packages/managpackage.php. The manipulation leads to cross-site request forgery. The attack can be...

CVE-2024-2059

A vulnerability was found in SourceCodester Petrol Pump Management Software 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/app/servicecrud.php. The manipulation of the argument photo leads to unrestricted upload. The attack may be...

CVE-2024-6214

A vulnerability was found in SourceCodester Food Ordering Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file add-item.php. The manipulation of the argument price leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2024-3316

A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/category/viewcategory.php. The manipulation of the argument id leads to sql injection. The attack...

CVE-2023-1130

A vulnerability, which was classified as critical, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. This affects an unknown part of the file processlogin. The manipulation of the argument user leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2022-2656

A vulnerability classified as critical has been found in SourceCodester Multi Language Hotel Management Software. Affected is an unknown function. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVE-2022-3492

A vulnerability classified as critical was found in SourceCodester Human Resource Management System 1.0. This vulnerability affects unknown code of the component Profile Photo Handler. The manipulation of the argument parameter leads to os command injection. The attack can be initiated remotely...

PT-2025-21770 · Sourcecodester · Sourcecodester Doctors Appointment System

Name of the Vulnerable Software and Affected Versions: SourceCodester Doctor's Appointment System version 1.0 Description: A critical issue affects an unknown part of the file /admin/appointment.php of the component GET Parameter Handler. The manipulation of the ID argument leads to SQL injection...

PT-2025-21773 · Sourcecodester · Sourcecodester Doctors Appointment System

Name of the Vulnerable Software and Affected Versions: Sourcecodester Doctor's Appointment System version 1.0 Description: A critical vulnerability was found in the Sourcecodester Doctor's Appointment System. This issue affects the unknown code of the file /admin/delete-appointment.php of the...

PT-2025-20543 · Sourcecodester · Online Student Clearance System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student Clearance System version 1.0 Description: A vulnerability was found in the SourceCodester Online Student Clearance System, affecting an unknown functionality of the file /admin/add-student.php. The manipulation o...

PT-2025-20581

Name of the Vulnerable Software and Affected Versions SourceCodester Client Database Management System version 1.0 Description The application lacks proper file extension checks, MIME type validation, and authentication when handling file uploads through the user payment update.php script...

PT-2025-17407 · Sourcecodester · Sourcecodester Web-Based Pharmacy Product Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Web-based Pharmacy Product Management System version 1.0 Description: A problematic issue has been found in the SourceCodester Web-based Pharmacy Product Management System, affecting some unknown functionality of the file...

PT-2025-16898 · Unknown · Sourcecodester Simple Hotel Booking System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Hotel Booking System version 1.0 Description: A critical vulnerability was found in the Login function, where the manipulation of the uname argument leads to a buffer overflow. This issue can be exploited on the local...

PT-2025-15096 · Sourcecodester · Sourcecodester Apartment Visitor Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Apartment Visitor Management System version 1.0 Description: A critical issue has been discovered, affecting an unknown functionality of the file /forgotpw.php. The manipulation of the secode argument leads to SQL injection. Th...

CVE-2025-3045

The CVE-2025-3045 entry affects oretnom23/SourceCodester Apartment Visitor Management System v1.0. Affected is an unknown function in /remove-apartment.php; manipulating the ID parameter triggers SQL injection. Attacks can be launched remotely, and public disclosures exist. Connected sources corr...

CVE-2025-1961

A vulnerability has been found in SourceCodester Best Church Management Software 1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/app/webcrud.php. The manipulation of the argument encryption leads to sql injection. The attack can be...