38 matches found
CVE-2024-0735
A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. Affected by this issue is the function exec of the file admin/operations/expense.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit...
CVE-2024-10990
A vulnerability classified as critical was found in SourceCodester Online Veterinary Appointment System 1.0. This vulnerability affects unknown code of the file /admin/services/viewservice.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The...
CVE-2023-3383
A vulnerability, which was classified as critical, was found in SourceCodester Game Result Matrix System 1.0. This affects an unknown part of the file /dipam/athlete-profile.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to...
CVE-2023-2348
A vulnerability was found in SourceCodester Service Provider Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/user/manageuser.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. T...
CVE-2025-44185
SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Request Forgery CSRF in /admin/changepass.php via the password parameter...
CVE-2025-46191
Arbitrary File Upload in userpaymentupdate.php in SourceCodester Client Database Management System 1.0 allows unauthenticated users to upload arbitrary files via the uploadedfilecancelled field. Due to the absence of proper file extension checks, MIME type validation, and authentication, attacker...
CVE-2025-3765
A vulnerability, which was classified as critical, has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. This issue affects some unknown processing of the file /edit-photo.php. The manipulation of the argument Avatar leads to unrestricted upload. The attack may be...
CVE-2025-3140
CVE-2025-3140 affects SourceCodester Online Medicine Ordering System 1.0. The vulnerability is an SQL injection in the unknown part of the file /view_category.php caused by manipulating the ID parameter. It can be exploited remotely and exploitation has been disclosed publicly. The connected docu...
CVE-2025-2652
A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to exposure of information through directory listing. The attack can be launched...
PT-2025-11476 · Sourcecodester · Itsourcecode Vehicle Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Vehicle Management System version 1.0 Description: A vulnerability was found in the SourceCodester Vehicle Management System, affecting some unknown functionality of the file /confirmbooking.php. The manipulation of the id...
CVE-2025-1606
The CVE-2025-1606 entry affects SourceCodester Best Employee Management System 1.0, specifically the file /admin/backup/backups.php, where manipulation leads to information disclosure. Documents consistently state remote exploitation and that the public exploit is disclosed; vendor response is no...
CVE-2025-1192
CVE-2025-1192 affects SourceCodester Multi Restaurant Table Reservation System 1.0. The vulnerability is in an unknown function of the file select-menu.php where manipulating the table parameter leads to an SQL injection. Exploitation can be performed remotely, and the exploit has been disclosed ...
CVE-2024-3376
A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. This affects an unknown part of the file config.php. The manipulation of the argument url leads to execution after redirect. It is possible to initiate the attack remotely. The explo...
CVE-2024-36568
Sourcecodester Gas Agency Management System v1.0 is vulnerable to SQL Injection via /gasmark/editbrand.php?id=...
CVE-2024-36569
Sourcecodester Gas Agency Management System v1.0 is vulnerable to arbitrary code execution via editClientImage.php...
Young Entrepreneur E-Negosyo System SQL注入漏洞
Young Entrepreneur E-Negosyo System is a Young Entrepreneur E-Negosyo System for janobe individual developers. A security vulnerability exists in SourceCodester Young Entrepreneur E-Negosyo System version 1.0, which stems from an incorrect manipulation of the parameter search resulting in sql...
CVE-2023-1466 SourceCodester Student Study Center Desk Management System view_student sql injection
A vulnerability was found in SourceCodester Student Study Center Desk Management System 1.0. It has been rated as critical. This issue affects the function viewstudent of the file admin/?page=students/viewstudent. The manipulation of the argument id with the input 3' AND SELECT 2100 FROM...
SourceCodester Online Examination System Cross-Site Scripting Vulnerability
SourceCodester Online Examination System is an online examination system from SourceCodester, Inc. in the United States. Worlds Online Examination System 1.0 suffers from a cross-site scripting vulnerability that can be exploited by an attacker to inject arbitrary code via the name field...