16072 matches found
CVE-2025-57425
CVE-2025-57425: A Stored Cross-Site Scripting (XSS) vulnerability affects SourceCodester FAQ Management System 1.0. The issue arises in the update-faq.php endpoint where the authenticated attacker can inject JavaScript into the question and answer fields due to inadequate input handling. Impact ...
SourceCodester Human Resource Information System Security Vulnerability
SourceCodester Human Resource Information System is an open source human resource information system from SourceCodester. A security vulnerability exists in SourceCodester Human Resource Information System version 1.0, which originates from a misbehavior of the parameter employee in the file...
PT-2025-34743
Name of the Vulnerable Software and Affected Versions: SourceCodester Human Resource Information System version 1.0 Description: A flaw exists in SourceCodester Human Resource Information System 1.0 within an unknown functionality of the /Admin Dashboard/process/editemployee process.php file...
SourceCodester FAQ Management System Security Vulnerability
SourceCodester FAQ Management System is an open source question and answer management system from SourceCodester. A security vulnerability exists in version 1.0 of the SourceCodester FAQ Management System, which stems from the update-faq.php endpoint that does not clean up the question and answer...
CVE-2025-57425
A Stored Cross-Site Scripting (XSS) vulnerability in SourceCodester FAQ Management System 1.0 allows an authenticated attacker to inject malicious JavaScript into the 'question' and 'answer' fields via the update-faq.php endpoint...
SourceCodester Online Bank Management System Security Vulnerability
SourceCodester Online Bank Management System is a SourceCodester open source online bank management system. A security vulnerability exists in SourceCodester Online Bank Management System version 1.0, which is caused by a SQL injection attack due to incorrect manipulation of the parameter msg in...
PT-2025-34745
Name of the Vulnerable Software and Affected Versions: SourceCodester Human Resource Information System version 1.0 Description: A vulnerability exists in SourceCodester Human Resource Information System 1.0, specifically within an unknown functionality of the /Superadmin...
CVE-2025-9306
A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/notice/addNotice. The manipulation of the argument noticeSubject results in cross site scripting. It is possible to launch the attack remotely...
CVE-2025-9305
A security vulnerability has been detected in SourceCodester Online Bank Management System 1.0. The affected element is an unknown function of the file /bank/mnotice.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has be...
CVE-2025-9304
A weakness has been identified in SourceCodester Online Bank Management System 1.0. Impacted is an unknown function of the file /bank/show.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from a remote location. The exploit has been made...
CVE-2025-9306 SourceCodester Advanced School Management System addNotice cross site scripting
A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/notice/addNotice. The manipulation of the argument noticeSubject results in cross site scripting. It is possible to launch the attack remotely...
CVE-2025-9306
SourceCodester Advanced School Management System 1.0 contains a Stored XSS in /index.php/notice/addNotice effected by the noticeSubject parameter. The root cause is improper sanitization/escaping of user input, allowing an attacker to inject script that executes in other users’ browsers. The vuln...
CVE-2025-9305
CVE-2025-9305 affects SourceCodester Online Bank Management System 1.0. The vulnerability is a SQL injection in the unknown function of /bank/mnotice.php triggered by manipulating the ID parameter. It is exploitable remotely and exploits have been publicly disclosed. Evidence from multiple source...
CVE-2025-9305 SourceCodester Online Bank Management System mnotice.php sql injection
A security vulnerability has been detected in SourceCodester Online Bank Management System 1.0. The affected element is an unknown function of the file /bank/mnotice.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has be...
CVE-2025-9304 SourceCodester Online Bank Management System show.php sql injection
A weakness has been identified in SourceCodester Online Bank Management System 1.0. Impacted is an unknown function of the file /bank/show.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from a remote location. The exploit has been made...