SourceCodester Student Result Management System 访问控制错误漏洞

SourceCodester Student Result Management System is an open-source student grade management system developed by SourceCodester. Version 1.0 of the SourceCodester Student Result Management System has a vulnerability related to access control. This vulnerability stems from improper handling of...

SourceCodester Student Result Management System 安全漏洞

SourceCodester Student Result Management System is an open-source student grade management system developed by SourceCodester. Version 1.0 of the SourceCodester Student Result Management System contains a security vulnerability. This vulnerability stems from improper handling of parameter IDs in...

PT-2026-21510

Name of the Vulnerable Software and Affected Versions SourceCodester Student Result Management System version 1.0 Description A flaw exists in the Student Result Management System that allows for improper access controls. This is due to manipulation of the File argument within an unknown function...

PT-2026-21511

A vulnerability was identified in SourceCodester Student Result Management System 1.0. This affects an unknown function of the file /admin/core/drop user.php. Such manipulation of the argument ID leads to denial of service. The attack can be executed remotely. The exploit is publicly available an...

CVE-2026-2938

A vulnerability has been found in SourceCodester Student Result Management System 1.0. The affected element is an unknown function of the file /srms/script/admin/core/updatesmtp.php. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit ha...

CVE-2026-2938

A vulnerability has been found in SourceCodester Student Result Management System 1.0. The affected element is an unknown function of the file /srms/script/admin/core/updatesmtp.php. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit ha...

CVE-2026-2938

A vulnerability has been found in SourceCodester Student Result Management System 1.0. The affected element is an unknown function of the file /srms/script/admin/core/updatesmtp.php. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit ha...

CVE-2026-2938 SourceCodester Student Result Management System update_smtp.php access control

A vulnerability has been found in SourceCodester Student Result Management System 1.0. The affected element is an unknown function of the file /srms/script/admin/core/updatesmtp.php. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit ha...

CVE-2026-2938

The CVE-2026-2938 entry relates to SourceCodester Student Result Management System 1.0, affecting the file /srms/script/admin/core/update_smtp.php. The root cause is an unspecified function allowing improper access controls, enabling remote initiation of an attack. Public exploit disclosure is no...

SourceCodester Student Result Management System 访问控制错误漏洞

SourceCodester Student Result Management System is an open-source student grade management system developed by SourceCodester. Version 1.0 of the SourceCodester Student Result Management System has a vulnerability related to access control, which stems from improper access control practices...

PT-2026-21425

Name of the Vulnerable Software and Affected Versions SourceCodester Student Result Management System version 1.0 Description A flaw exists that allows for improper access controls. The issue is located in an unknown function within the /srms/script/admin/core/update smtp.php file. This can be...

CVE-2026-2848

A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=register of the component Registration. This manipulation of the argument Username causes sql injection. The attack may be...

CVE-2026-2848

A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=register of the component Registration. This manipulation of the argument Username causes sql injection. The attack may be...

CVE-2026-2848

CVE-2026-2848 affects SourceCodester Simple Responsive Tourism Website 1.0 . The vulnerability lies in an unknown functionality of the file /classes/Master.php?f=register during registration, where manipulating the Username argument allows SQL injection. The issue can be exploited remotely, and a...

CVE-2026-2848 SourceCodester Simple Responsive Tourism Website Registration Master.php sql injection

A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=register of the component Registration. This manipulation of the argument Username causes sql injection. The attack may be...

CVE-2026-2848

A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=register of the component Registration. This manipulation of the argument Username causes sql injection. The attack may be...

SourceCodester Simple Responsive Tourism Website SQL注入漏洞

SourceCodester Simple Responsive Tourism Website is an open-source tourism website developed by SourceCodester. Version 1.0 of SourceCodester Simple Responsive Tourism Website has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the parameter Username in the...

PT-2026-21246

Name of the Vulnerable Software and Affected Versions SourceCodester Simple Responsive Tourism Website version 1.0 Description A flaw exists in SourceCodester Simple Responsive Tourism Website that allows for SQL injection. This issue is related to the manipulation of the Username argument within...

CVE-2025-70141

SourceCodester Customer Support System 1.0 contains an access-control flaw in ajax.php: the AJAX dispatcher may invoke administrative actions in admin_class.php without authentication/authorization checks, based on the action parameter. This allows an unauthenticated remote attacker to perform se...

CVE-2025-70141

SourceCodester Customer Support System 1.0 contains an incorrect access control vulnerability in ajax.php. The AJAX dispatcher does not enforce authentication or authorization before invoking administrative methods in adminclass.php based on the action parameter. An unauthenticated remote attacke...