PT-2025-16898 · Unknown · Sourcecodester Simple Hotel Booking System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Hotel Booking System version 1.0 Description: A critical vulnerability was found in the Login function, where the manipulation of the uname argument leads to a buffer overflow. This issue can be exploited on the local...

PT-2025-16891 · Sourcecodester · Sourcecodester Company Website Cms

Name of the Vulnerable Software and Affected Versions: SourceCodester Company Website CMS version 1.0 Description: The issue concerns a file upload vulnerability via the "Create Services" file. This vulnerability can be exploited through the "/dashboard/Services" API endpoint. The Create Services...

PT-2025-16787 · Sourcecodester · Sourcecodester Online Id Generator System

Name of the Vulnerable Software and Affected Versions: Sourcecodester Online ID Generator System version 1.0 Description: The issue allows attackers to execute arbitrary code via a crafted PHP file, exploiting an arbitrary file upload vulnerability. This is achieved through the id...

CVE-2024-40072

Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at idgenerator/admin/?page=generate/index&id=1...

CVE-2024-40068

Sourcecodester Online ID Generator System 1.0 contains a SQL injection in the id parameter of id_generator/admin/?page=templates/manage_template&id=1. Root cause: improper handling of user input leading to SQL injection. Impact per available metrics is Confidentiality/Integrity/Availability Low w...

PT-2025-16796 · Sourcecodester · Sourcecodester Online Id Generator System

Name of the Vulnerable Software and Affected Versions: Sourcecodester Online ID Generator System version 1.0 Description: The issue is related to Stored Cross Site Scripting XSS via the id generator/classes/SystemSettings.php?f=update settings endpoint, with the point of vulnerability being in th...

PT-2025-16793 · Unknown · Sourcecodester Online Id Generator System

Name of the Vulnerable Software and Affected Versions: Sourcecodester Online ID Generator System version 1.0 Description: The issue allows attackers to execute arbitrary code via a crafted PHP file, exploiting an arbitrary file upload vulnerability. This is achievable through the id...

PT-2025-16893 · Sourcecodester · Sourcecodester Company Website Cms

Name of the Vulnerable Software and Affected Versions: SourceCodester Company Website CMS version 1.0 Description: The issue is related to Cross Site Scripting XSS via the /dashboard/Services API endpoint. This allows for potential malicious script injection. No information is provided about the...

PT-2025-16892 · Sourcecodester · Sourcecodester Company Website Cms

Name of the Vulnerable Software and Affected Versions: SourceCodester Company Website CMS version 1.0 Description: The issue is a File upload vulnerability via the "Create portfolio" file /dashboard/portfolio. This vulnerability allows for unauthorized file uploads, potentially leading to securit...

CVE-2024-40074

Sourcecodester Online ID Generator System 1.0 was discovered to contain Stored Cross Site Scripting XSS via idgenerator/classes/SystemSettings.php?f=updatesettings, and the point of vulnerability is in the POST parameter 'shortname'...

CVE-2024-40070

Sourcecodester Online ID Generator System 1.0 was discovered to contain an arbitrary file upload vulnerability via idgenerator/classes/Users.php?f=save. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2024-40073

Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the template parameter at idgenerator/admin/?page=generate&template=4...

CVE-2025-3589

A vulnerability, which was classified as critical, was found in SourceCodester Music Class Enrollment System 1.0. Affected is an unknown function of the file /manageclass.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2025-3589 SourceCodester Music Class Enrollment System manage_class.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Music Class Enrollment System 1.0. Affected is an unknown function of the file /manageclass.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2025-3589 SourceCodester Music Class Enrollment System manage_class.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Music Class Enrollment System 1.0. Affected is an unknown function of the file /manageclass.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2025-3589

SourceCodester Music Class Enrollment System 1.0 is affected by a SQL injection in an unknown function of /manage_class.php caused by manipulation of the ID parameter. The issue can be exploited remotely, and public exploit information exists. Connected sources reiterate the vulnerability but do ...

SourceCodester Music Class Enrollment System 安全漏洞

SourceCodester Music Class Enrollment System is an open source music class enrollment system from SourceCodester. A security vulnerability exists in SourceCodester Music Class Enrollment System version 1.0, which originates from a SQL injection due to incorrect manipulation of the parameter ID in...

PT-2025-16272 · Unknown · Sourcecodester Music Class Enrollment System

Name of the Vulnerable Software and Affected Versions: SourceCodester Music Class Enrollment System version 1.0 Description: A critical vulnerability was found in the SourceCodester Music Class Enrollment System. The issue affects an unknown function of the file /manage class.php. The manipulatio...

CVE-2025-3383

A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /search/searchsales.php. The manipulation of the argument Name leads to sql injection. The attack may be initiated...

CVE-2025-3315

A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view-report.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack may be launched...