CVE-2026-36919

CVE-2026-36919 affects Sourcecodester Online Reviewer System v1.0. The vulnerability is a SQL Injection in the file /system/system/admins/assessments/examproper/exam-update.php. The available records confirm the impact is SQL injection but do not provide patch details or specific vulnerable param...

CVE-2026-36937

Product/affected software: Sourcecodester Online Resort Management System v1.0. Vulnerability: SQL injection in the admin reservations details page path /orms/admin/reservations/view_details.php. Root cause (as stated): Unsafely constructed SQL in the PHP file. Impact/risks: Documented as a SQL i...

CVE-2026-36941

CVE-2026-36941 affects Sourcecodester Online Resort Management System v1.0. Vulnerable component: /orms/admin/rooms/manage_room.php. Root cause: SQL Injection vulnerability in that file. Impact (per the entry): confidentiality impact is Low; no stated integrity or availability impact. Exploitatio...

CVE-2026-36920

CVE-2026-36920 affects Sourcecodester Online Reviewer System v1.0. The Red Hat, ENISA EUVD, CIRCL, NVD, CVE lists, and Vulners enrichment all indicate a SQL Injection vulnerability in /system/system/admins/assessments/examproper/questions-view.php. Root cause details are not explicitly provided b...

CVE-2026-36874

Sourcecodester Basic Library System v1.0 is affected by a SQL Injection in /librarysystem/load_student.php. The CVSSv3.1 base score is 2.7 (LOW) with confidentiality impact LOW and no demonstrated exploit details in the provided documents. No remediation or patch information is included in the co...

CVE-2026-36942

CVE-2026-36942: Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/activities/manage_activity.php. The linked records confirm a SQL injection flaw affecting that PHP file; CVSS 3.1 base shows low severity (2.7) with network access, low impact on conf...

CVE-2026-36946

CVE-2026-36946 affects Sourcecodester Computer and Mobile Repair Shop Management System v1.0. The vulnerability is an SQL injection in the file /rsms/admin/inquiries/view_details.php. The CVSS v3.1 data in the sources indicates: Network attack vector, low confidentiality impact, no integrity/avai...

Code-Projects Vehicle Showroom Management System SQL注入漏洞

Code-Projects Vehicle Showroom Management System is an open-source automotive showroom management system developed by Code-Projects. Version 1.0 of the Code-Projects Vehicle Showroom Management System contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of the...

PT-2026-32221

Name of the Vulnerable Software and Affected Versions Vehicle Showroom Management System version 1.0 Description A SQL injection issue exists in an unknown functionality of the file /util/MonthTotalReportUpdateFunction.php. Manipulating the BRANCH ID argument can trigger the injection. The attack...

CVE-2026-36873

Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/loadadmin.php...

PT-2026-32392

A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=chk prod availability. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit...

PT-2026-32277

Name of the Vulnerable Software and Affected Versions The Form Maker by 10Web WordPress plugin versions prior to 1.15.38 Description Improper preparation of SQL queries occurs when the "MySQL Mapping" feature is active, which may enable SQL Injection attacks in certain contexts. Recommendations...

SourceCodester Online Thesis Archiving System 安全漏洞

The SourceCodester Online Thesis Archiving System is an open-source online thesis archiving system developed by SourceCodester. Version 1.0 of the SourceCodester Online Thesis Archiving System contains a security vulnerability, which stems from an SQL injection vulnerability in the file...

SourceCodester Computer and Mobile Repair Shop Management system 安全漏洞

The SourceCodester Computer and Mobile Repair Shop Management system is a simple PHP project open source by SourceCodester. It provides a website that displays information about the store. This project also manages customers’ repair records; if their devices have been repaired or serviced,...

PT-2026-32356

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL Injection in the file /rsms/admin/services/view service.php...

PT-2026-32515

Craft Commerce is an ecommerce platform for Craft CMS. In versions 4.0.0 through 4.10.2 and 5.0.0 through 5.5.4, there is an SQL injection vulnerability in the Commerce TotalRevenue widget which allows any authenticated control panel user to achieve remote code execution through a four-step...

SourceCodester Pharmacy Sales and Inventory System SQL注入漏洞

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System has a SQL injection vulnerability. This vulnerability arises from incorrect...

PT-2026-32372

Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL Injection in the file /orms/admin/rooms/manage room.php...

SourceCodester Basic Library System 安全漏洞

The SourceCodester Basic Library System is an open-source library system developed by SourceCodester. Version 1.0 of the SourceCodester Basic Library System contains a security vulnerability, which stems from an SQL injection vulnerability in the /librarysystem/loadadmin.php file...

PT-2026-32401

A vulnerability was found in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /employees.php. Performing a manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploit has been made public and...