PT-2026-22523

A weakness has been identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part. This manipulation causes session expiration. Remote exploitation of the attack is possible. The complexity of an attack is rather high. It is indicated that the...

EUVD-2026-9192

sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/myitemreuse.php...

CVE-2026-26700

sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...

CVE-2026-26700

CVE-2026-26700 affects sourcecodester Personnel Property Equipment System v1.0. The vulnerability is a SQL Injection in /ppes/admin/edit_employee.php caused by unsanitized input, enabling potential unauthorized data access or modification. The public metrics assign a CVSS v3.1 base score of 9.8 (...

CVE-2026-26707

sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/viewsupplier.php...

CVE-2026-26707

CVE-2026-26707 affects sourcecodester Pharmacy Point of Sale System v1.0; vulnerable to SQL Injection in /pharmacy/view_supplier.php. Root cause: unsanitized input enabling injection. Impact: high confidentiality, integrity, and availability risk (CVSS 3.1: CRITICAL, network, no user interaction)...

CVE-2026-26705

The CVE-2026-26705 entry concerns sourcecodester Pharmacy Point of Sale System v1.0, vulnerable to SQL Injection in /pharmacy/view_product.php due to insufficient input validation. Documentation confirms the issue and impact (high confidentiality, integrity, and availability), with a CVSS v3.1 ba...

CVE-2026-26701

sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/edittecnicaluser.php...

CVE-2026-26703

sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/advancesearch.php...

EUVD-2026-8628

A vulnerability was detected in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected is an unknown function of the file /patient-search.php. The manipulation of the argument First Name/Last Name results in cross site scripting. The attack can be executed...

CVE-2026-3170

A vulnerability was detected in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected is an unknown function of the file /patient-search.php. The manipulation of the argument First Name/Last Name results in cross site scripting. The attack can be executed...

EUVD-2026-8618

A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /signup.php. This manipulation of the argument Username causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and m...

PT-2026-21891

A flaw has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /queue.php. This manipulation of the argument firstname/lastname causes cross site scripting. The attack is possible to b...

CVE-2026-2984

A vulnerability was identified in SourceCodester Student Result Management System 1.0. This affects an unknown function of the file /admin/core/dropuser.php. Such manipulation of the argument ID leads to denial of service. The attack can be executed remotely. The exploit is publicly available and...

PT-2026-21663

A vulnerability was detected in SourceCodester Modern Image Gallery App 1.0. Affected by this vulnerability is an unknown functionality of the file upload.php. The manipulation of the argument filename results in cross site scripting. The attack may be launched remotely. The exploit is now public...

CVE-2026-2984

A vulnerability was identified in SourceCodester Student Result Management System 1.0. This affects an unknown function of the file /admin/core/dropuser.php. Such manipulation of the argument ID leads to denial of service. The attack can be executed remotely. The exploit is publicly available and...

CVE-2026-2984

A vulnerability was identified in SourceCodester Student Result Management System 1.0. This affects an unknown function of the file /admin/core/dropuser.php. Such manipulation of the argument ID leads to denial of service. The attack can be executed remotely. The exploit is publicly available and...

CVE-2026-2984

SourceCodester SourceCodester Student Result Management System 1.0 is affected by a vulnerability in /admin/core/drop_user.php where manipulation of the ID parameter can cause a remote denial of service. The initial entry provides CVSS metrics (2.x/3.x/4.x) and notes a publicly available exploit,...

CVE-2026-2984 SourceCodester Student Result Management System drop_user.php denial of service

A vulnerability was identified in SourceCodester Student Result Management System 1.0. This affects an unknown function of the file /admin/core/dropuser.php. Such manipulation of the argument ID leads to denial of service. The attack can be executed remotely. The exploit is publicly available and...

CVE-2026-2983

CVE-2026-2983 affects SourceCodester Student Result Management System 1.0. The vulnerability is in the Bulk Import component, specifically the unknown function handling the File argument in /admin/core/import_users.php, where manipulating File leads to improper access controls. Remote exploitatio...