CVE-2025-4898

CVE-2025-4898 affects SourceCodester Student Result Management System 1.0. The vulnerability resides in the Logo File Handler inside the function handling unlink in the file update_system.php, where manipulation of the argument old_logo enables a path traversal . Exploitation can be performed rem...

CVE-2025-4898 SourceCodester Student Result Management System Logo File update_system.php unlink path traversal

A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as critical. This vulnerability affects the function unlink of the file updatesystem.php of the component Logo File Handler. The manipulation of the argument oldlogo leads to path traversal. The...

CVE-2025-4895

A vulnerability, which was classified as critical, has been found in SourceCodester Doctors Appointment System 1.0. This issue affects some unknown processing of the file /admin/delete-session.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. T...

CVE-2025-4895

A vulnerability, which was classified as critical, has been found in SourceCodester Doctors Appointment System 1.0. This issue affects some unknown processing of the file /admin/delete-session.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. T...

CVE-2025-4895 SourceCodester Doctors Appointment System delete-session.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Doctors Appointment System 1.0. This issue affects some unknown processing of the file /admin/delete-session.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. T...

CVE-2025-4895 SourceCodester Doctors Appointment System delete-session.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Doctors Appointment System 1.0. This issue affects some unknown processing of the file /admin/delete-session.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. T...

CVE-2025-4895

CVE-2025-4895 concerns SourceCodester Doctors Appointment System 1.0. The issue is a SQL injection caused by insecure handling of the ID/ID argument in the file /admin/delete-session.php, enabling remote exploitation. Multiple connected sources confirm the vulnerability and public disclosure of e...

CVE-2025-4887

A vulnerability, which was classified as problematic, has been found in SourceCodester Online Student Clearance System 1.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclos...

CVE-2025-4887

CVE-2025-4887 affects SourceCodester Online Student Clearance System 1.0. The connected sources describe a cross-site request forgery vulnerability impacting unknown functionality, with remote exploitation and public disclosure. The documentation does not provide specific vulnerable components, r...

CVE-2025-4887 SourceCodester Online Student Clearance System cross-site request forgery

A vulnerability, which was classified as problematic, has been found in SourceCodester Online Student Clearance System 1.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclos...

CVE-2025-4787

A vulnerability classified as critical has been found in SourceCodester/oretnom23 Stock Management System 1.0. Affected is an unknown function of the file /admin/?page=sales/viewsale. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The...

CVE-2025-4728

A vulnerability was found in SourceCodester Best Online News Portal 1.0. It has been classified as critical. Affected is an unknown function of the file /search.php. The manipulation of the argument searchtitle leads to sql injection. It is possible to launch the attack remotely. The exploit has...

PT-2025-21866 · Sourcecodester · Sourcecodester Student Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Student Result Management System version 1.0 Description: A critical issue has been identified, affecting the unlink function of the update system.php file in the Logo File Handler component. The manipulation of the old logo...

SourceCodester Student Result Management System 安全漏洞

SourceCodester Student Result Management System is a SourceCodester open source student result management system. A security vulnerability exists in SourceCodester Student Result Management System version 1.0, which stems from the mishandling of the oldlogo parameter in the file updatesystem.php,...

SourceCodester Online Student Clearance System 安全漏洞

SourceCodester Online Student Clearance System is a SourceCodester open source online student management system. A security vulnerability exists in SourceCodester Online Student Clearance System version 1.0, which stems from vulnerability to cross-site request forgery attacks...

PT-2025-21855 · Unknown · Sourcecodester Online Student Clearance System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student Clearance System version 1.0 Description: A vulnerability has been found in the SourceCodester Online Student Clearance System, affecting some unknown functionality. The manipulation leads to cross-site request...

PT-2025-21863 · Sourcecodester · Sourcecodester Doctors Appointment System

Name of the Vulnerable Software and Affected Versions: SourceCodester Doctors Appointment System version 1.0 Description: A critical vulnerability has been found in the SourceCodester Doctors Appointment System. This issue affects some unknown processing of the file /admin/delete-session.php. The...

CVE-2025-4720

A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file academic/core/dropstudent.php. The manipulation of the argument img leads to path traversal. The attack can be initiated remotely...

CVE-2023-1061

A vulnerability, which was classified as critical, has been found in SourceCodester Doctors Appointment System 1.0. This issue affects some unknown processing of the file /admin/edit-doc.php. The manipulation of the argument email/oldmail leads to sql injection. The attack may be initiated...

CVE-2023-1059

A vulnerability classified as critical was found in SourceCodester Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/doctors.php of the component Parameter Handler. The manipulation of the argument search/id leads to sql injection. The attack can be...