CVE-2025-13345 SourceCodester Train Station Ticketing System ajax.php sql injection

A security vulnerability has been detected in SourceCodester Train Station Ticketing System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=saveticket. Such manipulation leads to sql injection. The attack can be launched remotely. The exploit has been...

CVE-2025-13344

CVE-2025-13344 affects SourceCodester Train Station Ticketing System 1.0. The vulnerability is a SQL injection in the /ajax.php?action=login handler, triggered by manipulating the Username parameter, with remote access and a public exploit. Impact is reported as high/critical on confidentiality, ...

CVE-2025-13344 SourceCodester Train Station Ticketing System ajax.php sql injection

A weakness has been identified in SourceCodester Train Station Ticketing System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=login. This manipulation of the argument Username causes sql injection. The attack can be initiated remotely. The exploit ha...

CVE-2025-13343 SourceCodester Interview Management System editQuestion.php cross site scripting

A security flaw has been discovered in SourceCodester Interview Management System 1.0. Affected is an unknown function of the file /editQuestion.php. The manipulation of the argument Question results in cross site scripting. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-13343

CVE-2025-13343 concerns SourceCodester Interview Management System 1.0. Affected component: the function handling the parameter in /editQuestion.php (parameter: Question). The input manipulation results in cross-site scripting (XSS) and can be exploited remotely. Multiple sources confirm the issu...

CVE-2025-63708

Cross-Site Scripting XSS vulnerability exists in SourceCodester AI Font Matcher nid=18425, 2025-10-10 that allows remote attackers to execute arbitrary JavaScript in victims' browsers. The vulnerability occurs in the webfonts API handling mechanism where font family names are not properly...

PT-2025-47307

Name of the Vulnerable Software and Affected Versions SourceCodester Train Station Ticketing System version 1.0 Description A flaw exists in SourceCodester Train Station Ticketing System. The issue affects unknown code within the /ajax.php?action=save user file. Manipulation of the Username...

PT-2025-47302

Name of the Vulnerable Software and Affected Versions SourceCodester Train Station Ticketing System version 1.0 Description A SQL injection weakness exists in the Train Station Ticketing System. This issue is related to the manipulation of the Username argument within the login functionality,...

SourceCodester Train Station Ticketing System SQL注入漏洞

SourceCodester Train Station Ticketing System is SourceCodester open source a train station ticketing system . A SQL injection vulnerability exists in SourceCodester Train Station Ticketing System version 1.0, which stems from incorrect manipulation of the parameter id/station in the file...

PT-2025-47303

Name of the Vulnerable Software and Affected Versions SourceCodester Train Station Ticketing System version 1.0 Description A security issue exists in SourceCodester Train Station Ticketing System 1.0. The issue involves a SQL injection point within the application, specifically through...

SourceCodester Student Grades Management System 安全漏洞

SourceCodester Student Grades Management System is a SourceCodester open source student grades management system. A security vulnerability exists in SourceCodester Student Grades System version 1.0, which originates from improper manipulation of the name/description parameter in the createclassro...

PT-2025-47306

Name of the Vulnerable Software and Affected Versions SourceCodester Train Station Ticketing System version 1.0 Description A flaw exists in SourceCodester Train Station Ticketing System version 1.0 that allows for remote manipulation. Specifically, altering the id/station argument within the...

PT-2025-47297

Name of the Vulnerable Software and Affected Versions SourceCodester Interview Management System version 1.0 Description A security flaw exists in SourceCodester Interview Management System 1.0. The manipulation of the Question argument in the file /editQuestion.php can lead to cross site...

SourceCodester Student Grades Management System 代码注入漏洞

SourceCodester Student Grades Management System is a SourceCodester open source student grades management system. A code injection vulnerability exists in SourceCodester Student Grades Management System version 1.0, which stems from an incorrect manipulation of the parameter Remarks in the file...

SourceCodester Train Station Ticketing System SQL注入漏洞

SourceCodester Train Station Ticketing System is SourceCodester open source a train station ticketing system. A SQL injection vulnerability exists in SourceCodester Train Station Ticketing System version 1.0, which stems from an incorrect manipulation of the parameter Username in the file...

PT-2025-47322

Name of the Vulnerable Software and Affected Versions SourceCodester Student Grades Management System version 1.0 Description A stored cross site scripting issue exists in the Student Grades Management System. The issue is related to the manipulation of the name and description arguments within t...

PT-2025-47319

Name of the Vulnerable Software and Affected Versions SourceCodester Student Grades Management System version 1.0 Description A flaw exists in SourceCodester Student Grades Management System 1.0 related to the processing of the /grades.php file within the Add New Grade Page component. Manipulatio...

CVE-2025-63892

CVE-2025-63892 affects SourceCodester Student Grades Management System 1.0, specifically the /classroom.php file’s create_classroom function in the My Classrooms Management Page. The vulnerability arises from manipulation of the name/description arguments, enabling stored cross-site scripting. Ex...

EUVD-2025-197808

Cross-Site Scripting XSS vulnerability exists in SourceCodester AI Font Matcher nid=18425, 2025-10-10 that allows remote attackers to execute arbitrary JavaScript in victims' browsers. The vulnerability occurs in the webfonts API handling mechanism where font family names are not properly...

CVE-2025-63708

Cross-Site Scripting XSS vulnerability exists in SourceCodester AI Font Matcher nid=18425, 2025-10-10 that allows remote attackers to execute arbitrary JavaScript in victims' browsers. The vulnerability occurs in the webfonts API handling mechanism where font family names are not properly...