CVE-2026-3163

A vulnerability has been found in SourceCodester Website Link Extractor 1.0. This vulnerability affects the function filegetcontents of the component URL Handler. The manipulation leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed ...

CVE-2026-2848

A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=register of the component Registration. This manipulation of the argument Username causes sql injection. The attack may be...

CVE-2025-13561

A vulnerability was determined in SourceCodester Company Website CMS 1.0. This vulnerability affects unknown code of the file /admin/index.php. This manipulation of the argument Username causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed a...

EUVD-2025-198577

A vulnerability was found in SourceCodester Company Website CMS 1.0. This affects an unknown part of the file /admin/reset-password.php. The manipulation of the argument email results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used...

CVE-2025-13561

This CVE concerns SourceCodester Company Website CMS 1.0. The vulnerability exists in the /admin/index.php code where manipulation of the Username parameter enables SQL injection. Remote exploitation is possible, and public exploit disclosure is noted. Multiple connected sources corroborate the i...

CVE-2025-6872 SourceCodester Simple Company Website SystemSettings.php unrestricted upload

A vulnerability classified as critical was found in SourceCodester Simple Company Website 1.0. This vulnerability affects unknown code of the file /classes/SystemSettings.php?f=updatesettings. The manipulation of the argument img leads to unrestricted upload. The attack can be initiated remotely...

PT-2025-27377 · Unknown · Sourcecodester Simple Company Website

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Company Website version 1.0 Description: A critical issue was found in the software, affecting an unknown function of the file /admin/clients/manage.php. The manipulation of the ID argument leads to SQL injection. This...

Computer Laboratory Management 1.0 SQL Injection

Exploit Title: Computer Laboratory Management - SQL Injection Authenticated Date: 11/08/2024 Exploit Author: Mert Kuvvet Vendor Homepage: https://www.sourcecodester.com/php/17268/computer-laboratory-management-system-using-php-and-mysql.html Software Link:...

CVE-2024-3014 SourceCodester Simple Subscription Website Actions.php sql injection

A vulnerability classified as critical has been found in SourceCodester Simple Subscription Website 1.0. Affected is an unknown function of the file Actions.php. The manipulation of the argument title leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

Simple Student Attendance System v1.0 - Time Based Blind SQL Injection

Exploit Title: Simple Student Attendance System - Time Based Blind SQL Injection Date: 26 December 2023 Exploit Author: Gnanaraj Mauviel @0xm3m Vendor: oretnom23 Vendor Homepage: https://www.sourcecodester.com/php/17018/simple-student-attendance-system-using-php-and-mysql.html Software Link:...

CVE-2023-3534 SourceCodester Shopping Website check_availability.php sql injection

A vulnerability was found in SourceCodester Shopping Website 1.0. It has been classified as critical. Affected is an unknown function of the file checkavailability.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has bee...

PT-2022-18393 · Sourcecodester · Sourcecodester Company Website Cms

Name of the Vulnerable Software and Affected Versions: SourceCodester Company Website CMS affected versions not specified Description: A critical issue has been found in the SourceCodester Company Website CMS, affecting the /dashboard/updatelogo.php file of the Background Upload Logo Icon...

CVE-2022-2694

A vulnerability was found in SourceCodester Company Website CMS and classified as critical. This issue affects some unknown processing. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier...

CVE-2022-30378

Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=posts/viewpost&id=...

Sticky Notes Apps Using JavaScript 1.0 Cross Site Scripting Vulnerability

Exploit Title: Sticky Note Apps using JavaScript | Stored Cross Site Scripting Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/javascript/14742/sticky-note-apps-using-javascript-source-code.html Software Link:...

Web Based Alumni Tracking System 0.1 - SQL Injection

Web Based Alumni Tracking System 0.1 - SQL Injection Exploit Title.............. Web Based Alumni Tracking System Multiple Vulnerability Google Dork................ N/A Date....................... 14/10/2016 Exploit Author............. lahilote Vendor Homepage...