Lucene search

16049 matches found

ATTACKERKB
added 2026/03/27 12:0 a.m. | 0 views

CVE-2026-30569

A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewstockavailability.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web...

6.1 CVSS | 6 AI score | 0.00021 EPSS
Exploits: 1 | References: 2
Vulnrichment
added 2026/03/27 12:0 a.m. | 2 views

CVE-2026-30569

A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewstockavailability.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web...

6 AI score | 0.00021 EPSS
Exploits: 1 | References: 1
ATTACKERKB
added 2026/03/27 12:0 a.m. | 1 view

CVE-2026-30533

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manageproduct.php file via the "id" parameter...

6 AI score | 0.00049 EPSS
Exploits: 1 | References: 2
CVE
added 2026/03/27 12:0 a.m. | 5 views

CVE-2026-30575

This CVE affects SourceCodester Pharmacy Product Management System 1.0, specifically the add-stock.php logic. The root cause is improper validation of the txtqty parameter during stock entry, which allows negative values to be processed. As a result, the system decreases inventory levels instead ...

7.5 CVSS | 5.8 AI score | 0.00039 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
CVE
added 2026/03/27 12:0 a.m. | 7 views

CVE-2026-30530

SourceCodester Online Food Ordering System v1.0 is affected. In Actions.php, the save_customer action fails to sanitize the username parameter, enabling a SQL Injection due to improper input handling in user-supplied data. This could allow an attacker to inject arbitrary SQL commands through the ...

9.8 CVSS | 6 AI score | 0.00018 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
CVE
added 2026/03/27 12:0 a.m. | 4 views

CVE-2026-30532

CVE-2026-30532 describes a SQL Injection vulnerability in SourceCodester Online Food Ordering System v1.0, exposed via the admin/view_product.php file when using the id parameter. The vulnerability is documented as affecting the admin view_Product flow, with the root cause being unsafe constructi...

9.8 CVSS | 6 AI score | 0.00049 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
Positive Technologies
added 2026/03/27 12:0 a.m. | 5 views

PT-2026-28402

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file, specifically the save user action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious...

8.8 CVSS | 6 AI score | 0.00017 EPSS
Exploits: 1 | References: 2
CNNVD
added 2026/03/27 12:0 a.m. | 2 views

SourceCodester Diary App Security Vulnerability

The SourceCodester Diary App is an open-source diary application developed by SourceCodester. Version 1.0 of the SourceCodester Diary App contains a security vulnerability, which stems from incorrect handling of the diary.php file. This vulnerability may lead to cross-site request forgery attacks...

5.3 CVSS | 5.7 AI score | 0.00007 EPSS
Exploits: 0 | References: 6
CNNVD
added 2026/03/27 12:0 a.m. | 2 views

SourceCodester Online Food Ordering System Security Vulnerability

The SourceCodester Online Food Ordering System is an open-source online meal ordering system developed by SourceCodester. Version 1.0 of the SourceCodester Online Food Ordering System contains a security vulnerability. This vulnerability arises from the improper cleaning of the id parameter in th...

9.8 CVSS | 5.8 AI score | 0.00049 EPSS
Exploits: 1 | References: 1
Vulnrichment
added 2026/03/27 12:0 a.m. | 3 views

CVE-2026-30568

A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewpurchase.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6 AI score | 0.00019 EPSS
Exploits: 1 | References: 1
Positive Technologies
added 2026/03/27 12:0 a.m. | 2 views

PT-2026-28406

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manage product.php file via the "id" parameter...

9.8 CVSS | 6 AI score | 0.00049 EPSS
Exploits: 1 | References: 2
CVE
added 2026/03/27 12:0 a.m. | 6 views

CVE-2026-30568

CVE-2026-30568 affects SourceCodester Inventory System 1.0. The vulnerability is a Reflected XSS in the file view_purchase.php, exploitable via the limit parameter where user input is not properly sanitized. An attacker can craft a URL to inject arbitrary script/HTML, potentially compromising use...

4.8 CVSS | 6 AI score | 0.00019 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
CVE
added 2026/03/27 12:0 a.m. | 4 views

CVE-2026-30569

SourceCodester Inventory System 1.0 contains a Reflected Cross-Site Scripting (XSS) in view_stock_availability.php via the limit parameter. Input is not sanitized, allowing an attacker to inject arbitrary script/HTML through a crafted URL. No exploitation details or patches are provided in the do...

6.1 CVSS | 6 AI score | 0.00021 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
CVE
added 2026/03/27 12:0 a.m. | 5 views

CVE-2026-30570

SourceCodester Inventory System 1.0 contains a Reflected Cross-Site Scripting (XSS) vulnerability in view_sales.php triggered by the limit parameter. The input is not sanitized, allowing an attacker to inject arbitrary web script or HTML via a crafted URL. Affected software is described across CV...

6.1 CVSS | 6 AI score | 0.00021 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2026/03/27 12:0 a.m. | 17 views

CVE-2026-30575

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtqty" parameter during stock entry, allowing negative values to be processed. This causes the system to decrease the inventory level...

0.00039 EPSS
Exploits: 1 | References: 1
Cvelist
added 2026/03/27 12:0 a.m. | 19 views

CVE-2026-30533

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manageproduct.php file via the "id" parameter...

0.00049 EPSS
Exploits: 1 | References: 1
CNNVD
added 2026/03/27 12:0 a.m. | 5 views

SourceCodester Note Taking App Security Vulnerability

SourceCodester Note Taking App is an open-source note-taking application developed by SourceCodester. Versions of SourceCodester Note Taking App prior to version 1.0 contained security vulnerabilities. These vulnerabilities were caused by incorrect operations and could lead to cross-site request...

5.3 CVSS | 5.7 AI score | 0.00021 EPSS
Exploits: 0 | References: 6
CNNVD
added 2026/03/27 12:0 a.m. | 3 views

SourceCodester Online Food Ordering System Security Vulnerability

The SourceCodester Online Food Ordering System is an open-source online ordering system developed by SourceCodester. Version 1.0 of the SourceCodester Online Food Ordering System contains a security vulnerability. This vulnerability arises from the fact that the savecustomer operation in the...

9.8 CVSS | 5.8 AI score | 0.00018 EPSS
Exploits: 1 | References: 1
Positive Technologies
added 2026/03/27 12:0 a.m. | 2 views

PT-2026-28410

A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Inventory System 1.0. The vulnerability is located in the view stock availability.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script o...

6 AI score | 0.00021 EPSS
Exploits: 1 | References: 2
ATTACKERKB
added 2026/03/27 12:0 a.m. | 1 view

CVE-2026-30570

A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewsales.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6.1 CVSS | 6 AI score | 0.00021 EPSS
Exploits: 1 | References: 2