Lucene search

16049 matches found

RedhatCVE
added 2025/10/08 6:18 p.m., 10 views

CVE-2025-11401

A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected is an unknown function of the file /pages/savecurr.php. This manipulation of the argument currcode causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and ma...

CVSS 9.8, AI score 6.8, EPSS 0.00044
Exploits: 1, References: 1

NVD
added 2025/10/08 6:15 p.m., 6 views

CVE-2025-11487

A security flaw has been discovered in SourceCodester Farm Management System 1.0. Affected by this issue is some unknown functionality of the file /uploadProduct.php. Performing manipulation of the argument Type results in sql injection. The attack may be initiated remotely. The exploit has been...

CVSS 9.8, EPSS 0.00055
Exploits: 1, References: 5

CVE
added 2025/10/08 5:32 p.m., 9 views

CVE-2025-11487

The CVE-2025-11487 entry concerns SourceCodester Farm Management System 1.0. Affected is the code path in /uploadProduct.php where manipulating the Type argument triggers an SQL injection. Multiple sources confirm remote exploit potential and that an exploit has been released publicly. The connec...

CVSS 9.8, AI score 6.7, EPSS 0.00055
Exploits: 1, References: 5, Affected Software: 1

Cvelist
added 2025/10/08 5:32 p.m., 13 views

CVE-2025-11487 SourceCodester Farm Management System uploadProduct.php sql injection

A security flaw has been discovered in SourceCodester Farm Management System 1.0. Affected by this issue is some unknown functionality of the file /uploadProduct.php. Performing manipulation of the argument Type results in sql injection. The attack may be initiated remotely. The exploit has been...

CVSS 6.5, EPSS 0.00055
Exploits: 1, References: 5

Vulnrichment
added 2025/10/08 5:32 p.m., 2 views

CVE-2025-11487 SourceCodester Farm Management System uploadProduct.php sql injection

A security flaw has been discovered in SourceCodester Farm Management System 1.0. Affected by this issue is some unknown functionality of the file /uploadProduct.php. Performing manipulation of the argument Type results in sql injection. The attack may be initiated remotely. The exploit has been...

CVSS 6.5, AI score 6.5, EPSS 0.00055
Exploits: 1, References: 5

NVD
added 2025/10/08 5:15 p.m., 2 views

CVE-2025-11485

A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function adduser of the file /admin.php of the component Manage Users Page. This manipulation of the argument firstname/lastname causes cross site scripting. The attack can be initiated remotely...

CVSS 4.8, EPSS 0.00035
Exploits: 1, References: 5

OSV
added 2025/10/08 5:15 p.m., 3 views

CVE-2025-11485

A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function adduser of the file /admin.php of the component Manage Users Page. This manipulation of the argument firstname/lastname causes cross site scripting. The attack can be initiated remotely...

CVSS 4.8, AI score 4.1
Exploits: 0, References: 5

CVE
added 2025/10/08 5:2 p.m., 7 views

CVE-2025-11486

CVE-2025-11486 affects SourceCodester Farm Management System 1.0. The vulnerability is in the /buyNow.php file, where manipulation of the Name parameter enables a SQL injection. It is described as remotely exploitable, with a publicly available exploit. The Red Hat/NVD/CVE records and related fee...

CVSS 9.8, AI score 6.8, EPSS 0.0004
Exploits: 1, References: 5, Affected Software: 1

EUVD
added 2025/10/08 5:2 p.m., 3 views

EUVD-2025-33303

A vulnerability was identified in SourceCodester Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /buyNow.php. Such manipulation of the argument Name leads to sql injection. The attack can be launched remotely. The exploit is publicly available an...

CVSS 6.5, AI score 6.6, EPSS 0.0004
Exploits: 1, References: 7

Cvelist
added 2025/10/08 5:2 p.m., 8 views

CVE-2025-11485 SourceCodester Student Grades Management System Manage Users admin.php add_user cross site scripting

A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function adduser of the file /admin.php of the component Manage Users Page. This manipulation of the argument firstname/lastname causes cross site scripting. The attack can be initiated remotely...

CVSS 4.8, EPSS 0.00035
Exploits: 1, References: 5

Vulnrichment
added 2025/10/08 5:2 p.m., 8 views

CVE-2025-11485 SourceCodester Student Grades Management System Manage Users admin.php add_user cross site scripting

A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function adduser of the file /admin.php of the component Manage Users Page. This manipulation of the argument firstname/lastname causes cross site scripting. The attack can be initiated remotely...

CVSS 4.8, AI score 5.6, EPSS 0.00035
Exploits: 1, References: 5

CVE
added 2025/10/08 5:2 p.m., 9 views

CVE-2025-11485

CVE-2025-11485 affects SourceCodester Student Grades Management System 1.0, specifically the add_user function in /admin.php within the Manage Users Page. The vulnerability arises from manipulating the first_name/last_name parameters, enabling cross-site scripting (XSS). The issue can be exploite...

CVSS 4.8, AI score 5.6, EPSS 0.00035
Exploits: 1, References: 5, Affected Software: 1

RedhatCVE
added 2025/10/08 4:47 p.m., 3 views

CVE-2025-11400

A vulnerability was detected in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /delroom.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now public and may be used...

CVSS 9.8, AI score 7.1, EPSS 0.00044
Exploits: 1, References: 1

RedhatCVE
added 2025/10/08 4:47 p.m., 3 views

CVE-2025-11399

A security vulnerability has been detected in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /pages/saveroom.php. The manipulation of the argument floorno leads to sql injection. Remote exploitation of the attack is possible. The exploit has bee...

CVSS 9.8, AI score 7, EPSS 0.00044
Exploits: 1, References: 1

RedhatCVE
added 2025/10/08 4:47 p.m., 2 views

CVE-2025-11398

A weakness has been identified in SourceCodester Hotel and Lodge Management System 1.0. The impacted element is an unknown function of the file /profile.php of the component Profile Page. Executing manipulation of the argument image can lead to unrestricted upload. The attack may be launched...

CVSS 8.8, AI score 6.8, EPSS 0.0007
Exploits: 1, References: 1

NVD
added 2025/10/08 3:16 p.m., 3 views

CVE-2025-60313

Sourcecodester Link Status Checker 1.0 is vulnerable to a Cross-Site Scripting XSS in the Enter URLs to check input field. This allows a remote attacker to execute arbitrary code...

CVSS 6.1, EPSS 0.00091
Exploits: 1, References: 2

OSV
added 2025/10/08 3:16 p.m., 1 view

CVE-2025-60313

Sourcecodester Link Status Checker 1.0 is vulnerable to a Cross-Site Scripting XSS in the Enter URLs to check input field. This allows a remote attacker to execute arbitrary code...

CVSS 6.1, AI score 6.1, EPSS 0.00091
Exploits: 1, References: 2

OSV
added 2025/10/08 3:16 p.m., 1 view

CVE-2025-11479

A security vulnerability has been detected in SourceCodester Wedding Reservation Management System 1.0. Impacted is the function insertReservation of the file function.php. Such manipulation of the argument number leads to sql injection. The attack can be executed remotely. The exploit has been...

CVSS 9.8, AI score 5.8, EPSS 0.00042
Exploits: 1, References: 5

NVD
added 2025/10/08 3:16 p.m., 2 views

CVE-2025-11480

A vulnerability was detected in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /register.php. Performing manipulation of the argument registerusername results in sql injection. The attack is possible to be carried out remotely. The exploit ...

CVSS 9.8, EPSS 0.00042
Exploits: 1, References: 5

Vulnrichment
added 2025/10/08 2:32 p.m., 2 views

CVE-2025-11480 SourceCodester Simple E-Commerce Bookstore register.php sql injection

A vulnerability was detected in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /register.php. Performing manipulation of the argument registerusername results in sql injection. The attack is possible to be carried out remotely. The exploit ...

CVSS 7.5, AI score 6.7, EPSS 0.00042
Exploits: 1, References: 5