CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16028 matches found

CVE•added 2026/03/30 12:0 a.m.•8 views

CVE-2026-30556

CVE-2026-30556 is a reflected XSS in SourceCodester Sales and Inventory System 1.0. The vulnerability is in index.php via the msg parameter, where input is not properly sanitized, allowing remote attackers to inject arbitrary web script or HTML through a crafted URL. Connected documents confirm t...

6.1CVSS6AI score0.00021EPSS

Exploits1References1Affected Software1

CVE•added 2026/03/30 12:0 a.m.•4 views

CVE-2026-30561

CVE-2026-30561 is a reflected XSS in SourceCodester Sales and Inventory System 1.0, triggered in add_purchase.php via the msg parameter. The input is not properly sanitized, allowing an attacker to craft a URL that injects arbitrary script/HTML when viewed by a victim. The connected documents con...

6.1CVSS6AI score0.00021EPSS

Exploits1References1Affected Software1

Positive Technologies•added 2026/03/30 12:0 a.m.•2 views

PT-2026-29039

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add category.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6AI score0.00021EPSS

Exploits1References2

Vulnrichment•added 2026/03/30 12:0 a.m.•0 views

CVE-2026-30563

A Stored Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the updatedetails.php file. The application fails to sanitize the "website" parameter provided in a POST request. This allows authenticated attackers to inject...

6AI score0.00051EPSS

Exploits1References1

Vulnrichment•added 2026/03/30 12:0 a.m.•1 views

CVE-2026-30561

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addpurchase.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

6AI score0.00021EPSS

Exploits1References1

CNNVD•added 2026/03/30 12:0 a.m.•3 views

SourceCodester Sales and Inventory System 安全漏洞

The SourceCodester Sales and Inventory System is an open-source sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Sales and Inventory System contains a security vulnerability. This vulnerability stems from improper cleaning of the parameter msg i...

6.1CVSS5.6AI score0.00021EPSS

Exploits1References2

CNNVD•added 2026/03/30 12:0 a.m.•2 views

SourceCodester Sales and Inventory System 安全漏洞

6.1CVSS5.6AI score0.00066EPSS

Exploits1References2

Cvelist•added 2026/03/30 12:0 a.m.•12 views

CVE-2026-30562

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addstock.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML...

0.00074EPSS

Exploits0References1

ATTACKERKB•added 2026/03/30 12:0 a.m.•2 views

CVE-2026-30560

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addsupplier.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

6AI score0.00021EPSS

Exploits1References2

ATTACKERKB•added 2026/03/30 12:0 a.m.•1 views

CVE-2026-30562

9.3CVSS6AI score0.00074EPSS

Exploits0References2

CNNVD•added 2026/03/30 12:0 a.m.•3 views

SourceCodester RSS Feed Parser 代码问题漏洞

The SourceCodester RSS Feed Parser is an open-source rss feed parser developed by SourceCodester. Version 1.0 of the SourceCodester RSS Feed Parser has code vulnerabilities; these vulnerabilities stem from incorrect operations with the filegetcontents function, which may lead to server-side reque...

6.5CVSS6.7AI score0.00018EPSS

Exploits0References6

CNNVD•added 2026/03/30 12:0 a.m.•2 views

SourceCodester Sales and Inventory System 安全漏洞

6.1CVSS5.6AI score0.00021EPSS

Exploits1References2

CNNVD•added 2026/03/30 12:0 a.m.•2 views

SourceCodester Sales and Inventory System 安全漏洞

6.1CVSS5.6AI score0.00066EPSS

Exploits1References2

CNNVD•added 2026/03/30 12:0 a.m.•3 views

SourceCodester Sales and Inventory System 安全漏洞

6.1CVSS5.6AI score0.00066EPSS

Exploits1References2

CNNVD•added 2026/03/30 12:0 a.m.•2 views

SourceCodester Sales and Inventory System 安全漏洞

9.3CVSS5.6AI score0.00074EPSS

Exploits0References2

ATTACKERKB•added 2026/03/30 12:0 a.m.•1 views

CVE-2026-30558

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addcustomer.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

6AI score0.00021EPSS

Exploits1References2

Cvelist•added 2026/03/30 12:0 a.m.•14 views

CVE-2026-30561

0.00021EPSS

Exploits1References1

Cvelist•added 2026/03/30 12:0 a.m.•19 views

CVE-2026-30558

0.00021EPSS

Exploits1References1

Cvelist•added 2026/03/30 12:0 a.m.•18 views

CVE-2026-30563