CVE-2025-4728
A vulnerability was found in SourceCodester Best Online News Portal 1.0. It has been classified as critical. Affected is an unknown function of the file /search.php. The manipulation of the argument searchtitle leads to SQL injection. It is possible to launch the attack remotely. The exploit has...
CVE-2025-4728
The CVE applies to SourceCodester Best Online News Portal 1.0, where an SQL injection is possible via the searchtitle parameter in /search.php. The root cause is a manipulation of the searchtitle input, enabling remote exploitation without authentication. Exploitation has been disclosed publicly....
CVE-2025-4728 SourceCodester Best Online News Portal search.php sql injection
A vulnerability was found in SourceCodester Best Online News Portal 1.0. It has been classified as critical. Affected is an unknown function of the file /search.php. The manipulation of the argument searchtitle leads to SQL injection. It is possible to launch the attack remotely. The exploit has...
CVE-2025-4720
A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file academic/core/drop_student.php. The manipulation of the argument img leads to path traversal. The attack can be initiated remotely...
CVE-2025-4720 SourceCodester Student Result Management System drop_student.php path traversal
A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file academic/core/drop_student.php. The manipulation of the argument img leads to path traversal. The attack can be initiated remotely...
CVE-2025-4720
The CVE-2025-4720 entry concerns SourceCodester Student Result Management System 1.0, with a path traversal vulnerability in the file academic/core/drop_student.php. The issue arises from unsafely handling the img parameter, allowing an attacker to traverse the filesystem and potentially access r...
CVE-2025-44185
SourceCodester Best Employee Management System V1.0 is vulnerable to Cross-Site Request Forgery (CSRF) in /admin/changepass.php via the password parameter...
PT-2025-21289 · Sourcecodester · Sourcecodester Best Employee Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Best Employee Management System version V1.0 Description: The issue concerns a Cross-Site Request Forgery (CSRF) in the /admin/change pass.php endpoint via the password parameter. This allows for potential unauthorized password...
SourceCodester Student Result Management System path traversal vulnerability
SourceCodester Student Result Management System is a SourceCodester open source student result management system. SourceCodester Student Result Management System version 1.0 has a path traversal vulnerability, which stems from improper handling of the parameter img in the file...
SourceCodester Best Employee Management System security vulnerability
SourceCodester Best Employee Management System is a SourceCodester open source employee management system. A security vulnerability exists in SourceCodester Best Employee Management System version V1.0, which originates from the password parameter in /admin/changepass.php being susceptible to...
PT-2025-21584 · Unknown · Sourcecodester Best Online News Portal
Name of the Vulnerable Software and Affected Versions: SourceCodester Best Online News Portal version 1.0 Description: A critical issue has been found, affecting an unknown function of the file /search.php. The manipulation of the searchtitle argument leads to SQL injection. This issue can be...
CVE-2025-44186
SourceCodester Best Employee Management System 1.0 is vulnerable to Cross-Site Request Forgery (CSRF) in the /admin/Operation/User.php page...
CVE-2025-44184
SourceCodester Best Employee Management System V1.0 is vulnerable to Cross-Site Scripting (XSS) in /admin/profile.php via the websiteimage, fname, lname, contact, username, and address parameters...