Filtered by vendor Sourcecodester
Subscriptions
Total
840 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-15597 | 1 Sourcecodester | 1 Class And Exam Timetabling System | 2026-07-13 | 7.3 High |
| A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0/2.php. This affects an unknown function of the file /edit_exam2.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-15596 | 1 Sourcecodester | 1 Class And Exam Timetabling System | 2026-07-13 | 4.3 Medium |
| A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /subject.php. Such manipulation of the argument subject leads to cross site scripting. It is possible to launch the attack remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-15595 | 1 Sourcecodester | 1 Class And Exam Timetabling System | 2026-07-13 | 4.3 Medium |
| A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. The affected element is an unknown function of the file /forsubject.php. This manipulation of the argument subject causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-15540 | 1 Sourcecodester | 1 Online Book Store System | 2026-07-13 | 4.3 Medium |
| A vulnerability was detected in SourceCodester Online Book Store System 1.0. The affected element is an unknown function of the file /admin/index.php of the component Administrative Interface. Performing a manipulation of the argument page results in improper control of filename for include/require statement in php program. It is possible to initiate the attack remotely. The exploit is now public and may be used. | ||||
| CVE-2026-15537 | 1 Sourcecodester | 1 Online Book Store System | 2026-07-13 | 7.3 High |
| A security flaw has been discovered in SourceCodester Online Book Store System 1.0. This vulnerability affects unknown code of the file admin/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-15532 | 1 Sourcecodester | 1 Online Book Store System | 2026-07-13 | 2.4 Low |
| A vulnerability was identified in SourceCodester Online Book Store System 1.0. This issue affects some unknown processing of the component User Management Module. Such manipulation of the argument Name/Username leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-15539 | 1 Sourcecodester | 1 Online Book Store System | 2026-07-13 | 4.7 Medium |
| A security vulnerability has been detected in SourceCodester Online Book Store System 1.0. Impacted is an unknown function of the file /admin/index.php?page=books of the component Book Image Upload Feature. Such manipulation leads to unrestricted upload. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-15190 | 1 Sourcecodester | 1 Simple And Nice Shopping Cart Script | 2026-07-09 | 7.3 High |
| A vulnerability was detected in SourceCodester Simple and Nice Shopping Cart Script 1.0. This affects an unknown part of the file /login.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. | ||||
| CVE-2026-14775 | 1 Sourcecodester | 2 Onlne Examination & Learning Management System, Onlne Examination Learning Management System | 2026-07-07 | 6.3 Medium |
| A vulnerability was identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected is an unknown function of the file /process_lesson.php. Such manipulation of the argument user_id leads to unrestricted upload. The attack may be launched remotely. The exploit is publicly available and might be used. The name of the affected product appears to have a typo in it. | ||||
| CVE-2026-14725 | 1 Sourcecodester | 1 Online Boat Reservation System | 2026-07-07 | 6.3 Medium |
| A vulnerability was identified in SourceCodester Online Boat Reservation System 1.0. Affected by this vulnerability is an unknown functionality. Such manipulation leads to session expiration. It is possible to launch the attack remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-14695 | 1 Sourcecodester | 1 Multi-vendor Online Grocery Management System | 2026-07-07 | 7.3 High |
| A vulnerability was found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function save_client of the file classes/Users.php of the component Registration Handler. The manipulation of the argument Name results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-14608 | 1 Sourcecodester | 1 Cet Automated Grading System With Ai Predictive Analytics | 2026-07-07 | 4.3 Medium |
| A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=view_student of the component POST Handler. The manipulation of the argument ID leads to authorization bypass. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-14653 | 1 Sourcecodester | 1 Simple And Nice Shopping Cart Script | 2026-07-06 | 7.3 High |
| A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /admin/mensproductdeletequery.php. This manipulation of the argument user_id causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-14693 | 1 Sourcecodester | 1 Multi-vendor Online Grocery Management System | 2026-07-06 | 5.4 Medium |
| A flaw has been found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. Affected by this vulnerability is the function cancel_order of the file classes/Master.php. Executing a manipulation can lead to improper authorization. The attack may be performed from remote. The exploit has been published and may be used. | ||||
| CVE-2026-14734 | 1 Sourcecodester | 1 Class And Exam Timetabling System | 2026-07-06 | 7.3 High |
| A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /edit_product.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used. | ||||
| CVE-2026-14654 | 1 Sourcecodester | 1 Simple And Nice Shopping Cart Script | 2026-07-06 | 7.3 High |
| A vulnerability was identified in SourceCodester Simple and Nice Shopping Cart Script 1.0. Affected is an unknown function of the file /admin/girlsproductdeletequery.php. Such manipulation of the argument user_id leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-14690 | 1 Sourcecodester | 1 Multi-vendor Online Grocery Management System | 2026-07-06 | 7.3 High |
| A weakness has been identified in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function save_users of the file classes/Users.php. This manipulation causes improper authorization. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-14694 | 1 Sourcecodester | 1 Multi-vendor Online Grocery Management System | 2026-07-06 | 6.3 Medium |
| A vulnerability has been found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. Affected by this issue is the function cancel_order of the file classes/Master.php of the component POST Parameter Handler. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-14698 | 1 Sourcecodester | 1 Syllabus-aligned Learning Management And Examination System | 2026-07-06 | 6.3 Medium |
| A security flaw has been discovered in SourceCodester Syllabus-Aligned Learning Management and Examination System 1.0. Impacted is an unknown function of the file upload_files.php. Performing a manipulation results in unrestricted upload. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-14713 | 1 Sourcecodester | 1 Pizzafy E-commerce System | 2026-07-06 | 7.3 High |
| A security flaw has been discovered in SourceCodester Pizzafy E-Commerce System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=confirm_order. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. | ||||