CVE-2025-3728 SourceCodester Simple Hotel Booking System login buffer overflow

A vulnerability classified as critical was found in SourceCodester Simple Hotel Booking System 1.0. This vulnerability affects the function Login. The manipulation of the argument uname leads to buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed...

CVE-2024-40073

Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the template parameter at idgenerator/admin/?page=generate&template=4...

CVE-2024-40072

Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at idgenerator/admin/?page=generate/index&id=1...

CVE-2024-40073

Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the template parameter at idgenerator/admin/?page=generate&template=4...

CVE-2024-40074

Sourcecodester Online ID Generator System 1.0 was discovered to contain Stored Cross Site Scripting XSS via idgenerator/classes/SystemSettings.php?f=updatesettings, and the point of vulnerability is in the POST parameter 'shortname'...

CVE-2024-40069

Sourcecodester Online ID Generator System 1.0 was discovered to contain Stored Cross Site Scripting XSS via idgenerator/classes/Users.php?f=save, and the point of vulnerability is in the POST parameter 'firstname' and 'lastname'...

CVE-2024-40068

Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at idgenerator/admin/?page=templates/managetemplate&id=1...

CVE-2024-40071

Sourcecodester Online ID Generator System 1.0 was discovered to contain an arbitrary file upload vulnerability via idgenerator/classes/SystemSettings.php?f=updatesettings. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2024-40070

Sourcecodester Online ID Generator System 1.0 was discovered to contain an arbitrary file upload vulnerability via idgenerator/classes/Users.php?f=save. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2024-40071

Sourcecodester Online ID Generator System 1.0 was discovered to contain an arbitrary file upload vulnerability via idgenerator/classes/SystemSettings.php?f=updatesettings. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2024-40070

Sourcecodester Online ID Generator System 1.0 was discovered to contain an arbitrary file upload vulnerability via idgenerator/classes/Users.php?f=save. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2024-40068

Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at idgenerator/admin/?page=templates/managetemplate&id=1...

CVE-2025-3697

A vulnerability, which was classified as critical, has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. This issue affects some unknown processing of the file /edit-product.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated...

CVE-2025-3697

A vulnerability, which was classified as critical, has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. This issue affects some unknown processing of the file /edit-product.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated...

CVE-2025-3694

A vulnerability classified as critical has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part of the component Login Handler. The manipulation of the argument loginemail leads to sql injection. It is possible to initiate the attack remotely...

CVE-2025-3697 SourceCodester Web-based Pharmacy Product Management System edit-product.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. This issue affects some unknown processing of the file /edit-product.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated...

CVE-2025-3697 SourceCodester Web-based Pharmacy Product Management System edit-product.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. This issue affects some unknown processing of the file /edit-product.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated...

CVE-2025-3697

The CVE-2025-3697 entry maps to a SQL injection in SourceCodester Web-based Pharmacy Product Management System 1.0, caused by improper handling of the ID parameter in /edit-product.php. A remote attacker could exploit this vulnerability, and public disclosures exist. The provided connected docume...

CVE-2025-3696 SourceCodester Web-based Pharmacy Product Management System search_stock. php sql injection

A vulnerability classified as critical was found in SourceCodester Web-based Pharmacy Product Management System 1.0. This vulnerability affects unknown code of the file /search/searchstock. php. The manipulation of the argument Name leads to sql injection. The attack can be initiated remotely. Th...

CVE-2025-3696

The CVE-2025-3696 entry covers SourceCodester Web-based Pharmacy Product Management System 1.0. A SQL injection affects the /search/search_stock.php file via manipulation of the Name parameter. This can be exploited remotely, and multiple sources confirm the vulnerability exists in the unknown co...