15944 matches found
CVE-2026-37600
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/viewdetails.php...
CVE-2026-37597
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/attendance_list.php. The root cause is unsafe SQL query handling, enabling potential data leakage or modification. The CVSS metrics indicate a low severity (Base ...
PT-2026-32639
CVE-2026-37598 SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to arbitrary code execution RCE via /scheduler/classes/SystemSettings.php?f=update settings. https://t.co/fzop5JczL7...
CVE-2026-37602
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/user/manageuser.php...
CVE-2026-37602
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/user/manageuser.php...
EUVD-2026-22016
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...
EUVD-2026-22014
A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=deletesales. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and...
EUVD-2026-22012
A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=chkprodavailability. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit i...
EUVD-2026-22008
Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in the file /otas/admin/curriculum/managecurriculum.php...
EUVD-2026-22004
Sourcecodester Online Thesis Archiving System v1.0 is vulnerale to SQL injection in the file /otas/viewarchive.php...
EUVD-2026-22006
Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in /otas/projectsperdepartment.php...
CVE-2026-6189
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...
CVE-2026-36952
Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in the file /otas/admin/curriculum/managecurriculum.php...
CVE-2026-6188
A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=deletesales. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and...
CVE-2026-36938
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/rooms/viewroom.php...
CVE-2026-36937
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/reservations/viewdetails.php...
CVE-2026-6189 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...
CVE-2026-6189 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...
CVE-2026-6189
CVE-2026-6189 affects SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability resides in an unknown function in /ajax.php?action=login, where manipulating the Username argument enables a SQL injection. Attack is remote, with public exploits disclosed. Additional details (affecte...
CVE-2026-6188 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection
A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=deletesales. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and...