Filtered by vendor Sourcecodester
Subscriptions
Total
803 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-11491 | 2 Codeastro, Sourcecodester | 2 Human Resource Management System, Human Resource Management System | 2026-06-09 | 2.4 Low |
| A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Impacted is an unknown function of the file /notice/All_notice of the component Notice Board Management. Such manipulation of the argument Notice Title with the input <svg onload="alert('Stored XSS Triggered by Ashik Mohamed')"> as part of POST leads to cross site scripting. It is possible to launch the attack remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-11552 | 1 Sourcecodester | 3 Onlne Examination & Learning Management System, Onlne Examination Learning Management System, Syllabus-aligned Learning Management And Examination System | 2026-06-09 | 5.3 Medium |
| A vulnerability has been found in SourceCodester Onlne Examination & Learning Management System and Syllabus-aligned Learning Management and Examination System 1.0. Affected by this issue is some unknown functionality of the file import_users.php. The manipulation of the argument raw_password with the input CICT_2026 leads to use of hard-coded password. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is distributed under two entirely different names. | ||||
| CVE-2026-10877 | 1 Sourcecodester | 1 Ship Ferry Ticket Reservation System | 2026-06-08 | 7.3 High |
| A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System up to 1.0. This impacts an unknown function of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Username leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-11486 | 1 Sourcecodester | 1 Class And Exam Timetabling System | 2026-06-08 | 7.3 High |
| A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /archive1.php. Performing a manipulation of the argument sy results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. | ||||
| CVE-2026-11338 | 1 Sourcecodester | 1 Ship Ferry Ticket Reservation System | 2026-06-08 | 2.4 Low |
| A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System 1.0. Impacted is an unknown function of the file /admin/?page=user/manage_user. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-11518 | 1 Sourcecodester | 1 Inventory System | 2026-06-08 | 4.3 Medium |
| A vulnerability was identified in SourceCodester Inventory System 1.0. Affected is an unknown function of the file /users.php of the component User Management Page. The manipulation of the argument fullname/username leads to cross site scripting. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-10876 | 1 Sourcecodester | 1 Ship Ferry Ticket Reservation System | 2026-06-08 | 6.3 Medium |
| A weakness has been identified in SourceCodester Ship Ferry Ticket Reservation System 1.0. This affects an unknown function of the file /admin/. This manipulation of the argument page causes improper authorization. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-11515 | 1 Sourcecodester | 1 Barangay Resident Profiling And Information Management System | 2026-06-08 | 5.3 Medium |
| A vulnerability has been found in SourceCodester Barangay Resident Profiling and Information Management System 1.0. The impacted element is an unknown function of the file passsword_reset.php of the component Password Reset Handler. Such manipulation of the argument new_password with the input password123 leads to use of hard-coded password. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-11471 | 1 Sourcecodester | 1 Class And Exam Timetabling System | 2026-06-08 | 7.3 High |
| A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-11482 | 1 Sourcecodester | 1 Class And Exam Timetabling System | 2026-06-08 | 7.3 High |
| A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /archive5.php. The manipulation of the argument sy leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-11484 | 1 Sourcecodester | 1 Class And Exam Timetabling System | 2026-06-08 | 7.3 High |
| A weakness has been identified in SourceCodester Class and Exam Timetabling System 1.0. This impacts an unknown function of the file /archive3.php. This manipulation of the argument sy causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-11501 | 1 Sourcecodester | 1 Hospitals Patient Records Management System | 2026-06-08 | 7.3 High |
| A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This issue affects some unknown processing of the file /classes/Master.php?f=save_patient. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-10295 | 1 Sourcecodester | 1 Customer Review App | 2026-06-03 | 3.3 Low |
| A vulnerability was found in SourceCodester Customer Review App 1.0. Affected by this vulnerability is the function add_review/save_review/get_all_reviews of the file review_app.py. Performing a manipulation of the argument name/comment results in denial of service. The attack requires a local approach. The exploit has been made public and could be used. | ||||
| CVE-2026-10624 | 1 Sourcecodester | 1 Human Resource Management | 2026-06-03 | 4.3 Medium |
| A vulnerability has been found in SourceCodester Human Resource Management 1.0. Affected by this vulnerability is an unknown functionality of the file /detailview.php of the component Employee View Page. Such manipulation of the argument employeeid leads to improper control of resource identifiers. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-10704 | 1 Sourcecodester | 2 Pizzafy E-commerce System, Pizzafy Ecommerce System | 2026-06-03 | 7.3 High |
| A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/admin_class_novo.php of the component Administrative Control Panel. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now public and may be used. | ||||
| CVE-2026-10693 | 1 Sourcecodester | 1 Online Boat Reservation System | 2026-06-03 | 6.3 Medium |
| A security vulnerability has been detected in SourceCodester Online Boat Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the component Administrative Endpoint. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. Multiple endpoints are affected. | ||||
| CVE-2026-10694 | 1 Sourcecodester | 1 Online Food Ordering System | 2026-06-03 | 7.3 High |
| A vulnerability was detected in SourceCodester Online Food Ordering System 2.0. Affected by this issue is the function include of the file /index.php. The manipulation of the argument page results in file inclusion. The attack can be launched remotely. The exploit is now public and may be used. | ||||
| CVE-2026-10287 | 1 Sourcecodester | 1 Seo Meta Tag Extractor | 2026-06-02 | 7.3 High |
| A vulnerability was determined in SourceCodester SEO Meta Tag Extractor 1.0. This vulnerability affects the function get_headers of the file /index.php. This manipulation of the argument url causes server-side request forgery. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-10263 | 1 Sourcecodester | 1 Computer Repair Shop Management System | 2026-06-02 | 7.3 High |
| A vulnerability was found in SourceCodester Computer Repair Shop Management System up to 1.0. Affected is an unknown function of the file /admin/products/manage_product.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-10558 | 1 Sourcecodester | 1 Pizzafy Ecommerce System | 2026-06-02 | 6.3 Medium |
| A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is an unknown function of the file /admin/index.php. Performing a manipulation of the argument page results in file inclusion. The attack is possible to be carried out remotely. The exploit is now public and may be used. | ||||