SourceCodester Web-based Pharmacy Product Management System 命令注入漏洞

SourceCodester Web-based Pharmacy Product Management System is a SourceCodester open source Web-based pharmacy product management system. A command injection vulnerability exists in version 1.0 of the SourceCodester Web-based Pharmacy Product Management System, which is caused by incorrect...

SourceCodester Company Website CMS 安全漏洞

SourceCodester Company Website CMS is an open source content management system from SourceCodester. A security vulnerability exists in SourceCodester Company Website CMS version 1.0, which stems from the vulnerability of files/dashboard/Services to cross-site scripting attacks...

SourceCodester Company Website CMS 安全漏洞

SourceCodester Company Website CMS is an open source content management system from SourceCodester. A security vulnerability exists in SourceCodester Company Website CMS version 1.0, which stems from the portfolio feature not properly validating uploaded files, which could result in arbitrary fil...

SourceCodester Company Website CMS 安全漏洞

SourceCodester Company Website CMS is an open source content management system from SourceCodester. A security vulnerability exists in SourceCodester Company Website CMS version 1.0, which stems from a Services feature that does not properly validate uploaded files, which could lead to arbitrary...

SourceCodester Online ID Generator System 安全漏洞

SourceCodester Online ID Generator System is an open source online identity generator system from SourceCodester. A security vulnerability exists in SourceCodester Online ID Generator System version 1.0, which stems from a stored cross-site scripting attack due to misuse of the parameter shortnam...

Sourcecodester Online ID Generator System 安全漏洞

SourceCodester Online ID Generator System is an online identity generator system from SourceCodester open source. A security vulnerability exists in the Sourcecodester Online ID Generator System version 1.0, which stems from an incorrect manipulation of the parameter id leading to SQL injection...

Sourcecodester Online ID Generator System 安全漏洞

Sourcecodester Online ID Generator System is an online identity generator system from SourceCodester open source. A security vulnerability exists in version 1.0 of the Sourcecodester Online ID Generator System, which stems from allowing the upload of arbitrary files and could lead to the executio...

Sourcecodester Online ID Generator System 安全漏洞

SourceCodester Online ID Generator System is an online identity generator system from SourceCodester open source. A security vulnerability exists in version 1.0 of the Sourcecodester Online ID Generator System, which stems from allowing the upload of arbitrary files and could lead to the executio...

SourceCodester Online ID Generator System 安全漏洞

SourceCodester Online ID Generator System is an open source online identity generator system from SourceCodester. A security vulnerability exists in SourceCodester Online ID Generator System version 1.0, which stems from a stored cross-site scripting attack due to incorrect manipulation of the...

Sourcecodester Online ID Generator System 安全漏洞

SourceCodester Online ID Generator System is an online identity generator system from SourceCodester open source. A security vulnerability exists in the Sourcecodester Online ID Generator System version 1.0, which stems from an incorrect manipulation of the parameter id leading to SQL injection...

CVE-2025-29708

CVE-2025-29708 affects SourceCodester Company Website CMS 1.0. The vulnerability is a file upload flaw in the Create Services endpoint (/dashboard/Services) that could allow arbitrary file uploads due to improper validation. CVSS v3.1 base score 9.8 (network access, no authentication, user intera...

CVE-2024-40073

SourceCodester Online ID Generator System 1.0 is affected by a SQL injection vulnerability in the template parameter of id_generator/admin/?page=generate&template=4. The root cause is improper input handling leading to injection, exposing high-risk impact on confidentiality, integrity, and availa...

CVE-2025-29710

CVE-2025-29710 - SourceCodester Company Website CMS 1.0 suffers a Cross Site Scripting (XSS) vulnerability in the /dashboard/Services API endpoint. The PT-2025-16893 entry specifies that the issue is related to the /dashboard/Services endpoint and allows potential malicious script injection, affe...

CVE-2024-40069

Sourcecodester Online ID Generator System 1.0 is affected by a Stored Cross-Site Scripting (XSS) flaw in id_generator/classes/Users.php?f=save, triggered by the POST parameters firstname and lastname. Root cause is unescaped user input leading to script execution in the context of authenticated/u...

CVE-2025-29709

The CVE-2025-29709 entry concerns SourceCodester Company Website CMS 1.0, where the file upload feature under the Create portfolio path (/dashboard/portfolio) is vulnerable. The root cause is improper validation of uploaded files, enabling arbitrary file uploads. Documented impact indicates poten...

CVE-2024-40074

CVE-2024-40074 affects SourceCodester Online ID Generator System 1.0. The flaw is a Stored Cross-Site Scripting (XSS) vulnerability in id_generator/classes/SystemSettings.php?f=update_settings, with the point of vulnerability in the POST parameter short_name. CVSSv3.1 base score 4.8 (MEDIUM), net...

CVE-2024-40070

CVE-2024-40070 affects Sourcecodester Online ID Generator System 1.0. The issue is an arbitrary file upload vulnerability at id_generator/classes/Users.php?f=save that allows an attacker to execute arbitrary PHP code by uploading a crafted file. The connected documents provide concrete details ab...

CVE-2024-40072

Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at idgenerator/admin/?page=generate/index&id=1...

CVE-2025-29708

SourceCodester Company Website CMS 1.0 contains a file upload vulnerability via the "Create Services" file /dashboard/Services...

PT-2025-16782 · Sourcecodester · Sourcecodester Web-Based Pharmacy Product Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Web-based Pharmacy Product Management System version 1.0 Description: A critical issue has been found in the system, affecting the processing of the file /edit-product.php. The manipulation of the ID argument leads to SQL...