CVE-2025-1597 SourceCodester Best Church Management Software redirect.php cross site scripting

A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/redirect.php. The manipulation of the argument a leads to cross site scripting. It is possible to launch the attack remotely...

CVE-2025-1597 SourceCodester Best Church Management Software redirect.php cross site scripting

A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/redirect.php. The manipulation of the argument a leads to cross site scripting. It is possible to launch the attack remotely...

CVE-2025-1597

SourceCodester Best Church Management Software 1.0 contains a cross-site scripting vulnerability in the /admin/redirect.php endpoint. The issue is triggered by manipulating the argument a, enabling remote XSS. Exploit discussion has circulated publicly. There is no explicit patched version in the...

CVE-2025-1596

A vulnerability (CVE-2025-1596) affects SourceCodester Best Church Management Software 1.0 and is caused by manipulation of the email parameter in /fpassword.php, leading to SQL injection. Exploitation can be remote, and multiple sources confirm public disclosure of the exploit with no vendor res...

CVE-2025-1596 SourceCodester Best Church Management Software fpassword.php sql injection

A vulnerability was found in SourceCodester Best Church Management Software 1.0 and classified as critical. This issue affects some unknown processing of the file /fpassword.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has...

CVE-2025-1596 SourceCodester Best Church Management Software fpassword.php sql injection

A vulnerability was found in SourceCodester Best Church Management Software 1.0 and classified as critical. This issue affects some unknown processing of the file /fpassword.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has...

CVE-2025-1593

A vulnerability classified as critical has been found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /hrsoft/assets/uploadImage/Profile/ of the component Profile Picture Handler. The manipulation leads to unrestricted upload. It is possible to...

CVE-2025-1593

A vulnerability classified as critical has been found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /hrsoft/assets/uploadImage/Profile/ of the component Profile Picture Handler. The manipulation leads to unrestricted upload. It is possible to...

CVE-2025-1592

A vulnerability was found in SourceCodester Best Employee Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/Operations/Role.php of the component Add Role Page. The manipulation of the argument assignname/description...

CVE-2025-1593 SourceCodester Best Employee Management System Profile Picture unrestricted upload

A vulnerability classified as critical has been found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /hrsoft/assets/uploadImage/Profile/ of the component Profile Picture Handler. The manipulation leads to unrestricted upload. It is possible to...

CVE-2025-1593

CVE-2025-1593 affects SourceCodester Best Employee Management System 1.0, specifically the Profile Picture Handler. The vulnerability resides in unrestricted file upload to the path /_hr_soft/assets/uploadImage/Profile/, allowing remote attackers to upload arbitrary files. The description consist...

CVE-2025-1592 SourceCodester Best Employee Management System Add Role Page Role.php cross site scripting

A vulnerability was found in SourceCodester Best Employee Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/Operations/Role.php of the component Add Role Page. The manipulation of the argument assignname/description...

CVE-2025-1592 SourceCodester Best Employee Management System Add Role Page Role.php cross site scripting

A vulnerability was found in SourceCodester Best Employee Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/Operations/Role.php of the component Add Role Page. The manipulation of the argument assignname/description...

CVE-2025-1592

Summary: CVE-2025-1592 affects SourceCodester Best Employee Management System 1.0, specifically the Add Role Page’s /admin/Operations/Role.php. The issue arises from manipulating the assign_name/description parameters, causing cross-site scripting that can be triggered remotely. The primary sourc...

CVE-2025-1590

A vulnerability was found in SourceCodester E-Learning System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/lesson/index.php of the component List of Lessons Page. The manipulation leads to unrestricted upload. It is possible to launch the...

CVE-2025-1590

A vulnerability was found in SourceCodester E-Learning System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/lesson/index.php of the component List of Lessons Page. The manipulation leads to unrestricted upload. It is possible to launch the...

CVE-2025-1591

CVE-2025-1591 affects SourceCodester Employee Management System 1.0, specifically the Department Page component. The vulnerability resides in /department.php where manipulating the Department Name parameter leads to cross-site scripting. The attack is described as remote. Connected sources corrob...

CVE-2025-1591 SourceCodester Employee Management System Department Page department.php cross site scripting

A vulnerability was found in SourceCodester Employee Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /department.php of the component Department Page. The manipulation of the argument Department Name leads to cross...

CVE-2025-1591 SourceCodester Employee Management System Department Page department.php cross site scripting

A vulnerability was found in SourceCodester Employee Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /department.php of the component Department Page. The manipulation of the argument Department Name leads to cross...

CVE-2025-1590 SourceCodester E-Learning System List of Lessons Page index.php unrestricted upload

A vulnerability was found in SourceCodester E-Learning System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/lesson/index.php of the component List of Lessons Page. The manipulation leads to unrestricted upload. It is possible to launch the...