CVE-2025-4937

CVE-2025-4937 affects SourceCodester Apartment Visitor Management System 1.0. A vulnerability in the file /profile.php—via the mobilenumber parameter—allows SQL injection. The issue is exploitable remotely, and the exploit has been disclosed publicly. Other parameters may also be affected. The av...

CVE-2025-4937 SourceCodester Apartment Visitor Management System profile.php sql injection

A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be...

CVE-2025-4937 SourceCodester Apartment Visitor Management System profile.php sql injection

A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be...

CVE-2025-4935

A vulnerability was found in SourceCodester Stock Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /phpaction/changePassword.php. The manipulation of the argument userid leads to sql injection. The attack may be initiated remotely. The explo...

CVE-2025-4935

A vulnerability was found in SourceCodester Stock Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /phpaction/changePassword.php. The manipulation of the argument userid leads to sql injection. The attack may be initiated remotely. The explo...

CVE-2025-4935 SourceCodester Stock Management System changePassword.php sql injection

A vulnerability was found in SourceCodester Stock Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /phpaction/changePassword.php. The manipulation of the argument userid leads to sql injection. The attack may be initiated remotely. The explo...

CVE-2025-4935 SourceCodester Stock Management System changePassword.php sql injection

A vulnerability was found in SourceCodester Stock Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /phpaction/changePassword.php. The manipulation of the argument userid leads to sql injection. The attack may be initiated remotely. The explo...

CVE-2025-4935

CVE-2025-4935 affects SourceCodester Stock Management System 1.0. The vulnerability is a SQL injection in the file /php_action/changePassword.php triggered by manipulating the user_id parameter. The issue is exploitable remotely and has public exploit references in multiple sources. Several conne...

CVE-2025-4924

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. Affected is an unknown function of the file /uservoidtransaction.php. The manipulation of the argument orderid leads to sql injection. It is possible to launch the attack remotely...

CVE-2025-4924

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. Affected is an unknown function of the file /uservoidtransaction.php. The manipulation of the argument orderid leads to sql injection. It is possible to launch the attack remotely...

CVE-2025-4924

SourceCodester Client Database Management System 1.0 is affected by CVE-2025-4924 via an SQL injection in the file /user_void_transaction.php, caused by manipulation of the order_id argument. The vulnerability can be exploited remotely and public exploit discussion exists. Connected sources corro...

CVE-2025-4924 SourceCodester Client Database Management System user_void_transaction.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. Affected is an unknown function of the file /uservoidtransaction.php. The manipulation of the argument orderid leads to sql injection. It is possible to launch the attack remotely...

CVE-2025-4923

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /userdeliveryupdate.php. The manipulation of the argument uploadedfilecancelled leads to unrestricted upload. The attac...

CVE-2025-4923

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /userdeliveryupdate.php. The manipulation of the argument uploadedfilecancelled leads to unrestricted upload. The attac...

CVE-2025-4923

CVE-2025-4923 affects SourceCodester Client Database Management System 1.0. The issue is an unrestricted file upload via the parameter uploaded_file_cancelled in the file /user_delivery_update.php, allowing remote exploit. The vulnerability is reported across multiple sources and the exploit has ...

CVE-2025-4923 SourceCodester Client Database Management System user_delivery_update.php unrestricted upload

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /userdeliveryupdate.php. The manipulation of the argument uploadedfilecancelled leads to unrestricted upload. The attac...

CVE-2025-4923 SourceCodester Client Database Management System user_delivery_update.php unrestricted upload

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /userdeliveryupdate.php. The manipulation of the argument uploadedfilecancelled leads to unrestricted upload. The attac...

CVE-2025-4912

A vulnerability has been found in SourceCodester Student Result Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/core/updatestudent.php of the component Image File Handler. The manipulation of the argument oldphoto lea...

CVE-2025-4912

A vulnerability has been found in SourceCodester Student Result Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/core/updatestudent.php of the component Image File Handler. The manipulation of the argument oldphoto lea...

CVE-2025-4912 SourceCodester Student Result Management System Image File update_student.php path traversal

A vulnerability has been found in SourceCodester Student Result Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/core/updatestudent.php of the component Image File Handler. The manipulation of the argument oldphoto lea...