Filtered by vendor Sourcecodester
Subscriptions
Total
673 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-3819 | 2 Oretnom23, Sourcecodester | 2 Resort Reservation System, Resort Reservation System | 2026-04-16 | 3.5 Low |
| A vulnerability has been found in SourceCodester Resort Reservation System 1.0. The affected element is an unknown function of the file /?page=manage_reservation of the component Reservation Management Module. Such manipulation of the argument ID leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-26892 | 2 Oretnom23, Sourcecodester | 2 Simple Logistic Hub Parcel\'s Management System, Logistic Hub Parcels Management System | 2026-04-16 | 2.7 Low |
| Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manage_carrier.php. | ||||
| CVE-2026-3724 | 2 Pamzey, Sourcecodester | 2 Patients Waiting Area Queue Management System, Patients Waiting Area Queue Management System | 2026-04-16 | 6.3 Medium |
| A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. This impacts an unknown function of the file /checkin.php. This manipulation of the argument patient_id causes improper authorization. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-3734 | 2 Lerouxyxchire, Sourcecodester | 2 Client Database Management System, Client Database Management System | 2026-04-16 | 7.3 High |
| A flaw has been found in SourceCodester Client Database Management System 1.0. Affected is an unknown function of the file /fetch_manager_details.php of the component Endpoint. This manipulation of the argument manager_id causes improper authorization. The attack can be initiated remotely. The exploit has been published and may be used. | ||||
| CVE-2026-3746 | 2 Oretnom23, Sourcecodester | 2 Simple Responsive Tourism Website, Simple Responsive Tourism Website | 2026-04-16 | 7.3 High |
| A vulnerability was determined in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /tourism/classes/Login.php?f=login of the component Login. This manipulation of the argument Username causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-3751 | 2 Oretnom23, Sourcecodester | 2 Employee Task Management System, Employee Task Management System | 2026-04-16 | 4.7 Medium |
| A vulnerability was detected in SourceCodester Employee Task Management System 1.0. Impacted is an unknown function of the file /daily-attendance-report.php of the component GET Parameter Handler. The manipulation of the argument Date results in sql injection. The attack may be performed from remote. The exploit is now public and may be used. | ||||
| CVE-2026-3752 | 2 Oretnom23, Sourcecodester | 2 Employee Task Management System, Employee Task Management System | 2026-04-16 | 4.7 Medium |
| A flaw has been found in SourceCodester Employee Task Management System up to 1.0. The affected element is an unknown function of the file /daily-task-report.php of the component GET Parameter Handler. This manipulation of the argument Date causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. | ||||
| CVE-2026-3754 | 2 Ahsanriaz26gmailcom, Sourcecodester | 2 Sales And Inventory System, Sales And Inventory System | 2026-04-16 | 6.3 Medium |
| A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /add_stock.php. Performing a manipulation of the argument cost results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-3762 | 2 Lerouxyxchire, Sourcecodester | 2 Client Database Management System, Client Database Management System | 2026-04-16 | 7.3 High |
| A vulnerability has been found in SourceCodester Client Database Management System 1.0/3.1. Impacted is an unknown function of the file /superadmin_delete_manager.php of the component Endpoint. The manipulation of the argument manager_id leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-3766 | 2 Senior-walter, Sourcecodester | 2 Web-based Pharmacy Product Management System, Web-based Pharmacy Product Management System | 2026-04-16 | 3.5 Low |
| A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an unknown function of the file edit-profile.php. Performing a manipulation of the argument fullname results in cross site scripting. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-3792 | 2 Ahsanriaz26gmailcom, Sourcecodester | 2 Sales And Inventory System, Sales And Inventory System | 2026-04-16 | 6.3 Medium |
| A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file purchase_invoice.php of the component GET Parameter Handler. The manipulation of the argument purchaseid results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used. | ||||
| CVE-2026-3793 | 2 Ahsanriaz26gmailcom, Sourcecodester | 2 Sales And Inventory System, Sales And Inventory System | 2026-04-16 | 6.3 Medium |
| A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file sales_invoice1.php of the component GET Parameter Handler. This manipulation of the argument sellid causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-36236 | 2 Janobe, Sourcecodester | 2 Engineers Online Portal, Engineers Online Portal | 2026-04-15 | 9.8 Critical |
| SourceCodester Engineers Online Portal v1.0 is vulnerable to SQL Injection in update_password.php via the new_password parameter. | ||||
| CVE-2026-36872 | 2 Razormist, Sourcecodester | 2 Basic Library System, Basic Library System | 2026-04-15 | 2.7 Low |
| Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/load_book.php. | ||||
| CVE-2026-36873 | 2 Razormist, Sourcecodester | 2 Basic Library System, Basic Library System | 2026-04-15 | 2.7 Low |
| Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/load_admin.php. | ||||
| CVE-2026-36874 | 2 Razormist, Sourcecodester | 2 Basic Library System, Basic Library System | 2026-04-15 | 2.7 Low |
| Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/load_student.php. | ||||
| CVE-2026-36946 | 2 Oretnom23, Sourcecodester | 2 Computer And Mobile Repair Shop Management System, Computer And Mobile Repair Shop Management System | 2026-04-15 | 2.7 Low |
| Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/inquiries/view_details.php. | ||||
| CVE-2026-36947 | 2 Oretnom23, Sourcecodester | 2 Computer And Mobile Repair Shop Management System, Computer And Mobile Repair Shop Management System | 2026-04-15 | 2.7 Low |
| Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL Injection in the file /rsms/admin/services/view_service.php. | ||||
| CVE-2026-36922 | 2 Oretnom23, Sourcecodester | 2 Cab Management System, Cab Management System | 2026-04-15 | 2.7 Low |
| Sourcecodester Cab Management System v1.0 is vulnerable to SQL injection in the file /cms/admin/categories/view_category.php. | ||||
| CVE-2026-36923 | 2 Oretnom23, Sourcecodester | 2 Cab Management System, Cab Management System | 2026-04-15 | 2.7 Low |
| Sourcecodester Cab Management System 1.0 is vulnerable to SQL Injection in the file /cms/admin/bookings/view_booking.php. | ||||