PT-2025-20575

Name of the Vulnerable Software and Affected Versions SourceCodester Client Database Management System version 1.0 Description SourceCodester Client Database Management System version 1.0 is susceptible to SQL Injection through the superadmin phpmyadmin.php file. The issue allows for potential...

PT-2025-20526 · Sourcecodester · Sourcecodester Online Student Clearance System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student Clearance System version 1.0 Description: A critical vulnerability was found in the SourceCodester Online Student Clearance System. This issue affects unknown code in the file /admin/edit-admin.php. The...

PT-2025-20543 · Sourcecodester · Online Student Clearance System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student Clearance System version 1.0 Description: A vulnerability was found in the SourceCodester Online Student Clearance System, affecting an unknown functionality of the file /admin/add-student.php. The manipulation o...

CVE-2025-46192

CVE-2025-46192 affects SourceCodester Client Database Management System 1.0. Vulnerable component: user_payment_update.php, where SQL injection is possible via the order_id POST parameter due to improper input handling. Impact per CVSS: high confidentiality, integrity, and availability; overall c...

PT-2025-20581

Name of the Vulnerable Software and Affected Versions SourceCodester Client Database Management System version 1.0 Description The application lacks proper file extension checks, MIME type validation, and authentication when handling file uploads through the user payment update.php script...

PT-2025-20559

Name of the Vulnerable Software and Affected Versions SourceCodester Client Database Management System version 1.0 Description SourceCodester Client Database Management System version 1.0 is susceptible to remote code execution through arbitrary file upload in the user proposal update order.php...

PT-2025-20577

Name of the Vulnerable Software and Affected Versions SourceCodester Client Database Management System version 1.0 Description SourceCodester Client Database Management System version 1.0 is susceptible to a SQL Injection issue in the 'user delivery update.php' file. The issue is triggered throug...

PT-2025-20542 · Unknown · Sourcecodester Online Student Clearance System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student Clearance System version 1.0 Description: A problematic issue has been found in the system, where the manipulation of the Username argument leads to cross-site scripting. This can be launched remotely. The issue...

PT-2025-20580 · Sourcecodester · Sourcecodester Apartment Visitor Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Apartment Visitor Management System version 1.0 Description: A critical issue affects the processing of the file /search-result.php, where the manipulation of the searchdata argument leads to SQL injection. This issue can be...

CVE-2025-46188

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in superadminphpmyadmin.php...

CVE-2025-46190

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in userdeliveryupdate.php via the orderid POST parameter...

CVE-2025-46190

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in userdeliveryupdate.php via the orderid POST parameter...

CVE-2025-46191

CVE-2025-46191 affects SourceCodester Client Database Management System 1.0, where an unauthenticated user can upload files through the uploaded_file_cancelled field in the file upload routine in user_payment_update.php . The vulnerability stems from inadequate validation: no proper file extensio...

CVE-2025-4331

A vulnerability classified as critical was found in SourceCodester Online Student Clearance System 1.0. This vulnerability affects unknown code of the file /Admin/login.php. The manipulation of the argument id/username/password leads to sql injection. The attack can be initiated remotely. The...

CVE-2025-4313

A vulnerability, which was classified as critical, was found in SourceCodester Advanced Web Store 1.0. Affected is an unknown function of the file /admin/adminaddnewproduct.php. The manipulation of the argument txtProdId leads to sql injection. It is possible to launch the attack remotely. The...

CVE-2025-4314

A vulnerability has been found in SourceCodester Advanced Web Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/index.php. The manipulation of the argument txtLogin leads to sql injection. The attack can be launched remotely. The...

CVE-2025-4312

A vulnerability, which was classified as critical, has been found in SourceCodester Advanced Web Store 1.0. This issue affects some unknown processing of the file /productdetail.php. The manipulation of the argument prodid leads to sql injection. The attack may be initiated remotely. The exploit...

CVE-2025-4283

A vulnerability was found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Login.php?f=login. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely...

CVE-2025-4267

A vulnerability, which was classified as critical, was found in SourceCodester/oretnom23 Stock Management System 1.0. This affects an unknown part of the file /admin/?page=purchaseorder/viewpo of the component Purchase Order Details Page. The manipulation of the argument ID leads to sql injection...

CVE-2025-45751

SourceCodester Web Based Pharmacy Product Management System 1.0 is vulnerable to Cross Site Scripting XSS in add-admin.php via the Fullname text field...