Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

16072 matches found

Cvelist
Cvelistadded 2025/04/16 2:31 p.m.14 views

CVE-2025-3694 SourceCodester Web-based Pharmacy Product Management System Login sql injection

A vulnerability classified as critical has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part of the component Login Handler. The manipulation of the argument loginemail leads to sql injection. It is possible to initiate the attack remotely...

7.5CVSS0.00498EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2025/04/16 2:31 p.m.5 views

CVE-2025-3694 SourceCodester Web-based Pharmacy Product Management System Login sql injection

A vulnerability classified as critical has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part of the component Login Handler. The manipulation of the argument loginemail leads to sql injection. It is possible to initiate the attack remotely...

7.5CVSS7.7AI score0.00498EPSS
Exploits1References5
CVE
CVEadded 2025/04/16 2:31 p.m.63 views

CVE-2025-3694

CVE-2025-3694 affects SourceCodester Web-based Pharmacy Product Management System 1.0, specifically the Login Handler component. The root cause isSQL injection triggered by manipulating the login_email parameter in the login flow, allowing remote exploitation. Public exploit details are reference...

9.8CVSS7.5AI score0.00498EPSS
Exploits1References5Affected Software1
OSV
OSVadded 2025/04/16 2:15 p.m.1 views

CVE-2025-3692

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /oews/classes/Master.php?f=saveproduct. The manipulation leads to cross site scripting. The attack can be launched...

5.4CVSS3.6AI score0.00293EPSS
Exploits1References5
NVD
NVDadded 2025/04/16 2:15 p.m.23 views

CVE-2025-3692

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /oews/classes/Master.php?f=saveproduct. The manipulation leads to cross site scripting. The attack can be launched...

5.4CVSS0.00293EPSS
Exploits1References5
CVE
CVEadded 2025/04/16 1:31 p.m.70 views

CVE-2025-3692

CVE-2025-3692 affects SourceCodester Online Eyewear Shop 1.0. The vulnerability lies in an unknown functionality exercised by the file /oews/classes/Master.php?f=save_product, enabling cross-site scripting. The attack is possible remotely and the exploit has been disclosed publicly. Connected sou...

5.4CVSS3.5AI score0.00293EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2025/04/16 12:0 a.m.9 views

CVE-2024-40068

Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at idgenerator/admin/?page=templates/managetemplate&id=1...

0.00208EPSS
Exploits1References1
Cvelist
Cvelistadded 2025/04/16 12:0 a.m.14 views

CVE-2025-29709

SourceCodester Company Website CMS 1.0 has a File upload vulnerability via the "Create portfolio" file /dashboard/portfolio...

0.00515EPSS
Exploits1References2
Cvelist
Cvelistadded 2025/04/16 12:0 a.m.9 views

CVE-2025-29710

SourceCodester Company Website CMS 1.0 is vulnerable to Cross Site Scripting XSS via /dashboard/Services...

0.00251EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2025/04/16 12:0 a.m.4 views

CVE-2024-40070

Sourcecodester Online ID Generator System 1.0 was discovered to contain an arbitrary file upload vulnerability via idgenerator/classes/Users.php?f=save. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

5.9AI score0.00217EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2025/04/16 12:0 a.m.7 views

CVE-2024-40068

Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at idgenerator/admin/?page=templates/managetemplate&id=1...

6.1AI score0.00208EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2025/04/16 12:0 a.m.7 views

CVE-2025-29708

SourceCodester Company Website CMS 1.0 contains a file upload vulnerability via the "Create Services" file /dashboard/Services...

9.6AI score0.00515EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2025/04/16 12:0 a.m.7 views

CVE-2025-29709

SourceCodester Company Website CMS 1.0 has a File upload vulnerability via the "Create portfolio" file /dashboard/portfolio...

9.6AI score0.00515EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2025/04/16 12:0 a.m.6 views

CVE-2024-40069

Sourcecodester Online ID Generator System 1.0 was discovered to contain Stored Cross Site Scripting XSS via idgenerator/classes/Users.php?f=save, and the point of vulnerability is in the POST parameter 'firstname' and 'lastname'...

5.3AI score0.00218EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2025/04/16 12:0 a.m.8 views

CVE-2024-40071

Sourcecodester Online ID Generator System 1.0 was discovered to contain an arbitrary file upload vulnerability via idgenerator/classes/SystemSettings.php?f=updatesettings. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

8.4AI score0.00598EPSS
Exploits1References1
Cvelist
Cvelistadded 2025/04/16 12:0 a.m.16 views

CVE-2024-40071

Sourcecodester Online ID Generator System 1.0 was discovered to contain an arbitrary file upload vulnerability via idgenerator/classes/SystemSettings.php?f=updatesettings. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

0.00598EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2025/04/16 12:0 a.m.8 views

CVE-2024-40073

Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the template parameter at idgenerator/admin/?page=generate&template=4...

8.5AI score0.00406EPSS
Exploits1References1
CNNVD
CNNVDadded 2025/04/16 12:0 a.m.2 views

SourceCodester Web-based Pharmacy Product Management System 注入漏洞

SourceCodester Web-based Pharmacy Product Management System is SourceCodester open source a Web-based pharmacy product management system . An injection vulnerability exists in the SourceCodester Web-based Pharmacy Product Management System version 1.0, which results from SQL injection due to...

9.8CVSS7.8AI score0.00498EPSS
Exploits1References5
CNNVD
CNNVDadded 2025/04/16 12:0 a.m.2 views

SourceCodester Web-based Pharmacy Product Management System 注入漏洞

SourceCodester Web-based Pharmacy Product Management System is a SourceCodester open source Web-based pharmacy product management system. An injection vulnerability exists in SourceCodester Web-based Pharmacy Product Management System version 1.0, which results from SQL injection due to incorrect...

8.8CVSS6.8AI score0.00405EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2025/04/16 12:0 a.m.2 views

PT-2025-16781 · Sourcecodester · Sourcecodester Web-Based Pharmacy Product Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Web-based Pharmacy Product Management System version 1.0 Description: A critical issue was found in the system, affecting the file /search/search stock.php. The manipulation of the Name argument leads to SQL injection. This iss...

8.8CVSS6.8AI score0.00405EPSS
Exploits1References10
Rows per page
Query Builder