SourceCodester Student Result Management System 路径遍历漏洞

SourceCodester Student Result Management System is a SourceCodester open source student result management system. SourceCodester Student Result Management System version 1.0 has a path traversal vulnerability, the vulnerability stems from the wrong operation of the parameter img in the file...

SourceCodester Best Employee Management System 安全漏洞

SourceCodester Best Employee Management System is a SourceCodester open source employee management system. A security vulnerability exists in SourceCodester Best Employee Management System version V1.0, which originates from the password parameter in /admin/changepass.php being susceptible to...

CVE-2025-44186

SourceCodester Best Employee Management System 1.0 is vulnerable to Cross Site Request Forgery CSRF in /admin/Operation/User.php page...

CVE-2025-4467

A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-admin.php. The manipulation of the argument id/txtfullname/txtemail/cmddesignation leads to sql injection. The attack...

CVE-2025-4469

A vulnerability classified as problematic has been found in SourceCodester Online Student Clearance System 1.0. Affected is an unknown function of the file /admin/add-admin.php. The manipulation of the argument txtusername/txtfullname/txtpassword/txtpassword2 leads to cross site scripting. It is...

CVE-2025-4470

A vulnerability classified as problematic was found in SourceCodester Online Student Clearance System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add-student.php. The manipulation of the argument Fullname leads to cross site scripting. The attack can be...

CVE-2025-4470 SourceCodester Online Student Clearance System add-student.php cross site scripting

A vulnerability classified as problematic was found in SourceCodester Online Student Clearance System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add-student.php. The manipulation of the argument Fullname leads to cross site scripting. The attack can be...

CVE-2025-4469 SourceCodester Online Student Clearance System add-admin.php cross site scripting

A vulnerability classified as problematic has been found in SourceCodester Online Student Clearance System 1.0. Affected is an unknown function of the file /admin/add-admin.php. The manipulation of the argument txtusername/txtfullname/txtpassword/txtpassword2 leads to cross site scripting. It is...

CVE-2025-4467

CVE-2025-4467 affects the SourceCodester Online Student Clearance System 1.0. The vulnerability lies in the file /admin/edit-admin.php where manipulating the parameters id, txtfullname, txtemail, and cmddesignation enables SQL injection. This can be exploited remotely, and public disclosures exis...

PT-2025-20559

Name of the Vulnerable Software and Affected Versions SourceCodester Client Database Management System version 1.0 Description SourceCodester Client Database Management System version 1.0 is susceptible to remote code execution through arbitrary file upload in the user proposal update order.php...

CVE-2025-4331 SourceCodester Online Student Clearance System login.php sql injection

A vulnerability classified as critical was found in SourceCodester Online Student Clearance System 1.0. This vulnerability affects unknown code of the file /Admin/login.php. The manipulation of the argument id/username/password leads to sql injection. The attack can be initiated remotely. The...

CVE-2025-4331

CVE-2025-4331 affects SourceCodester Online Student Clearance System 1.0. The vulnerability is an SQL injection in the /Admin/login.php handler caused by improper manipulation of input parameters (username/password/id), enabling remote exploitation. The vulnerability is publicly disclosed and des...

CVE-2025-4248 SourceCodester Simple To-Do List System complete_task.php sql injection

A vulnerability has been found in SourceCodester Simple To-Do List System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /completetask.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The...

CVE-2025-4196

A vulnerability was found in SourceCodester Patient Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /birthing.php. The manipulation of the argument compid leads to sql injection. The attack may be initiated remotely. The exploit...

SourceCodester Student Management System 安全漏洞

SourceCodester Student Management System is SourceCodester open source online student management system. The system provides student information management, announcement management, course management and other functions. SourceCodester Student Management System v1.0 version of a security...

PT-2025-17404 · Sourcecodester · Sourcecodester Web-Based Pharmacy Product Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Web-based Pharmacy Product Management System version 1.0 Description: A problem was found in the processing of the file changepassword.php. The manipulation of the arguments txtconfirm password, txtnew password, and txtold...

CVE-2025-3729

A vulnerability, which was classified as critical, has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. This issue affects some unknown processing of the file backup.php of the component Database Backup Handler. The manipulation of the argument txtdbname leads to os...

CVE-2024-40068

Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at idgenerator/admin/?page=templates/managetemplate&id=1...

CVE-2025-3143 SourceCodester Apartment Visitor Management System visitor-entry.php sql injection

A vulnerability classified as critical has been found in SourceCodester Apartment Visitor Management System 1.0. Affected is an unknown function of the file /visitor-entry.php. The manipulation of the argument visname/address leads to sql injection. It is possible to launch the attack remotely. T...

CVE-2025-3142 SourceCodester Apartment Visitor Management System add-apartment.php sql injection

A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /add-apartment.php. The manipulation of the argument buildingno leads to sql injection. The attack may be initiated remotely...