Filtered by vendor Sourcecodester
Subscriptions
Total
260 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-10163 | 2 Oretnom23, Sourcecodester | 2 Sentiment Based Movie Rating System, Sentiment Based Movie Rating System | 2024-10-22 | 6.3 Medium |
| A vulnerability was found in SourceCodester Sentiment Based Movie Rating System 1.0. It has been classified as critical. Affected is an unknown function of the file /msrps/movie_details.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The initial researcher disclosure mentions a slightly changed product name. | ||||
| CVE-2024-9905 | 2 Oretnom23, Sourcecodester | 2 Online Eyewear Shop, Online Eyewear Shop | 2024-10-17 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in SourceCodester Online Eyewear Shop 1.0. This issue affects some unknown processing of the file /admin/?page=inventory/view_inventory&id=2. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9818 | 2 Oretnom23, Sourcecodester | 2 Online Veterinary Appointment System, Online Veterinary Appointment System | 2024-10-17 | 7.3 High |
| A vulnerability classified as critical has been found in SourceCodester Online Veterinary Appointment System 1.0. Affected is an unknown function of the file /admin/categories/manage_category.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9799 | 2 Rems, Sourcecodester | 2 Profile Registration Without Reload\/refresh, Profile Registration Without Reload Refresh | 2024-10-17 | 3.5 Low |
| A vulnerability has been found in SourceCodester Profile Registration without Reload Refresh 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file add.php. The manipulation of the argument email_address/address/company_name/job_title/jobDescriptionparameter leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-8080 | 2 Online Health Care System Project, Sourcecodester | 2 Online Health Care System, Online Health Care System | 2024-10-17 | 6.3 Medium |
| A vulnerability classified as critical has been found in SourceCodester Online Health Care System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument f_name with the input 1%' or 1=1 ) UNION SELECT 1,2,3,4,5,database(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23# as part of string leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9906 | 2 Oretnom23, Sourcecodester | 2 Online Eyewear Shop, Online Eyewear Shop | 2024-10-16 | 3.5 Low |
| A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear Shop 1.0. Affected is an unknown function of the file /admin/?page=inventory/view_inventory&id=2. The manipulation of the argument Code leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9952 | 2 Oretnom23, Sourcecodester | 2 Online Eyewear Shop, Online Eyewear Shop | 2024-10-16 | 2.4 Low |
| A vulnerability was found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/?page=system_info/contact_info of the component Contact Information Page. The manipulation of the argument Address leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | ||||
| CVE-2024-9975 | 2 Rems, Sourcecodester | 2 Drag And Drop Image Upload, Drag And Drop Image Upload | 2024-10-16 | 6.3 Medium |
| A vulnerability was found in SourceCodester Drag and Drop Image Upload 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /upload.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9974 | 2 Oretnom23, Sourcecodester | 2 Online Eyewear Shop, Online Eyewear Shop | 2024-10-15 | 6.3 Medium |
| A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file classes/Master.php?f=add_to_card of the component POST Request Handler. The manipulation of the argument product_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9973 | 2 Oretnom23, Sourcecodester | 2 Online Eyewear Shop, Online Eyewear Shop | 2024-10-15 | 6.3 Medium |
| A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=reports of the component Report Viewing Page. The manipulation of the argument date leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9810 | 2 Jkev, Sourcecodester | 2 Record Management System, Record Management System | 2024-10-15 | 3.5 Low |
| A vulnerability was found in SourceCodester Record Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file sort2_user.php. The manipulation of the argument qualification leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9300 | 2 Oretnom23, Sourcecodester | 2 Railway Reservation System, Online Railway Reservation System | 2024-10-01 | 4.3 Medium |
| A vulnerability classified as problematic was found in SourceCodester Online Railway Reservation System 1.0. This vulnerability affects unknown code of the file contact_us.php of the component Message Us Form. The manipulation of the argument fullname/email/message leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9317 | 2 Oretnom23, Sourcecodester | 2 Online Eyewear Shop, Online Eyewear Shop | 2024-10-01 | 6.3 Medium |
| A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is the function delete_category of the file /classes/Master.php?f=delete_category. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9318 | 2 Mayurik, Sourcecodester | 2 Advocate Office Management System, Advocate Office Management System | 2024-10-01 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in SourceCodester Advocate Office Management System 1.0. Affected by this issue is some unknown functionality of the file /control/activate.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9319 | 2 Rems, Sourcecodester | 2 Online Timesheet App, Online Timesheet | 2024-10-01 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in SourceCodester Online Timesheet App 1.0. This affects an unknown part of the file /endpoint/delete-timesheet.php. The manipulation of the argument timesheet leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9320 | 2 Rems, Sourcecodester | 2 Online Timesheet App, Online Timesheet | 2024-10-01 | 3.5 Low |
| A vulnerability has been found in SourceCodester Online Timesheet App 1.0 and classified as problematic. This vulnerability affects unknown code of the file /endpoint/add-timesheet.php of the component Add Timesheet Form. The manipulation of the argument day/task leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9321 | 2 Oretnom23, Sourcecodester | 2 Railway Reservation System, Online Railway Reservation System | 2024-10-01 | 5.3 Medium |
| A vulnerability was found in SourceCodester Online Railway Reservation System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/inquiries/view_details.php. The manipulation of the argument id leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9323 | 2 Mayurik, Sourcecodester | 2 Free And Open Source Inventory Management System, Inventory Management System | 2024-10-01 | 3.5 Low |
| A vulnerability was found in SourceCodester Inventory Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /app/action/add_staff.php. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9296 | 2 Mayurik, Sourcecodester | 2 Advocate Office Management System, Advocate Office Management System | 2024-10-01 | 7.3 High |
| A vulnerability was found in SourceCodester Advocate Office Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /control/forgot_pass.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9295 | 2 Mayurik, Sourcecodester | 2 Advocate Office Management System, Advocate Office Management System | 2024-10-01 | 7.3 High |
| A vulnerability was found in SourceCodester Advocate Office Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /control/login.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||