CVE-2026-36922

Sourcecodester Cab Management System v1.0 is vulnerable to SQL injection in the file /cms/admin/categories/viewcategory.php...

CVE-2026-36945

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/clients/manageclient.php...

CVE-2026-36938

Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/rooms/viewroom.php...

CVE-2026-36937

Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/reservations/viewdetails.php...

CVE-2026-36943

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/repairs/managerepair.php...

SourceCodester Computer and Mobile Repair Shop Management system 安全漏洞

The SourceCodester Computer and Mobile Repair Shop Management system is a simple PHP project open source by SourceCodester. It provides a website that displays information about the store. This project also manages customers’ repair records; if their devices have been repaired or serviced,...

CVE-2026-36920

CVE-2026-36920 affects Sourcecodester Online Reviewer System v1.0. The Red Hat, ENISA EUVD, CIRCL, NVD, CVE lists, and Vulners enrichment all indicate a SQL Injection vulnerability in /system/system/admins/assessments/examproper/questions-view.php. Root cause details are not explicitly provided b...

PT-2026-32372

Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL Injection in the file /orms/admin/rooms/manage room.php...

📄 OpenSTAManager 2.9.8 SQL Injection

OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in the Scadenzario bulk operations module. CVE-2026-24418: OpenSTAManager has a SQL Injection vulnerability in the Scadenzario bulk operations module Overview | Field | Details | |---|---| | CVE ID |...

CVE-2026-36937

Product/affected software: Sourcecodester Online Resort Management System v1.0. Vulnerability: SQL injection in the admin reservations details page path /orms/admin/reservations/view_details.php. Root cause (as stated): Unsafely constructed SQL in the PHP file. Impact/risks: Documented as a SQL i...

CVE-2026-36945

CVE-2026-36945 affects Sourcecodester Computer and Mobile Repair Shop Management System v1.0. A SQL injection flaw exists in /rsms/admin/clients/manage_client.php, with low overall impact (C/L, I/N, A/N) and requires high privileges; exploitation details not provided in the supplied documents. No...

CVE-2026-36944

The CVE-2026-36944 entry concerns Sourcecodester Computer and Mobile Repair Shop Management System v1.0, where a SQL injection vulnerability exists in the file rsms/admin/repairs/view_details.php. The issue is documented across multiple feeds (NVD, Red Hat, CIRCL, EUVD, CVE lists, etc.), with a s...

CVE-2026-36946

CVE-2026-36946 affects Sourcecodester Computer and Mobile Repair Shop Management System v1.0. The vulnerability is an SQL injection in the file /rsms/admin/inquiries/view_details.php. The CVSS v3.1 data in the sources indicates: Network attack vector, low confidentiality impact, no integrity/avai...

CVE-2026-36872

CVE-2026-36872 affects Sourcecodester Basic Library System v1.0, with a SQL Injection vulnerability in the script path /librarysystem/load_book.php. The connected records confirm the vulnerable endpoint but do not provide detailed root cause analysis, affected parameter names, or remediation step...

CVE-2026-36942

CVE-2026-36942: Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/activities/manage_activity.php. The linked records confirm a SQL injection flaw affecting that PHP file; CVSS 3.1 base shows low severity (2.7) with network access, low impact on conf...

CVE-2026-36947

CVE-2026-36947 affects Sourcecodester Computer and Mobile Repair Shop Management System v1.0. The vulnerability is a SQL Injection in /rsms/admin/services/view_service.php. CVSS v3.1 base score 2.7 (LOW) with network attack vector, low complexity, requiring high privileges and no user interaction...

CVE-2026-36922

CVE-2026-36922 affects Sourcecodester Cab Management System v1.0; SQL injection in /cms/admin/categories/view_category.php. Root cause is vulnerable SQL handling in that file. CVSS 3.1 base score 2.7 (LOW) with Confidentiality impact: LOW; no impact to integrity or availability stated. Other conn...

CVE-2026-36873

CVE-2026-36873 affects Sourcecodester Basic Library System v1.0. The vulnerability is a SQL Injection in the administrative loader endpoint at /librarysystem/load_admin.php (variants in copies show /librarysystem/load_admin.php). Evidence from Red Hat, ENISA EUVD, CIRCL, CVE lists confirms the sa...

PT-2026-32402

A vulnerability was determined in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /equipments.php. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed an...

CVE-2026-36919

Sourcecodester Online Reviewer System v1.0 is vulnerale to SQL Injection in the file /system/system/admins/assessments/examproper/exam-update.php...