Filtered by vendor Sourcecodester
Subscriptions
Total
266 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-34231 | 1 Sourcecodester | 1 Laboratory Management System | 2025-04-22 | 7.1 High |
| A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Short Name parameter. | ||||
| CVE-2024-33304 | 2 Oretnom23, Sourcecodester | 2 Product Show Room Site, Product Show Room | 2025-04-22 | 6.1 Medium |
| SourceCodester Product Show Room 1.0 is vulnerable to Cross Site Scripting (XSS) via "Last Name" under Add Users. | ||||
| CVE-2024-33306 | 1 Sourcecodester | 1 Laboratory Management System | 2025-04-22 | 7.4 High |
| SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "First Name" parameter in Create User. | ||||
| CVE-2024-33307 | 1 Sourcecodester | 1 Laboratory Management System | 2025-04-22 | 5.4 Medium |
| SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "Last Name" parameter in Create User. | ||||
| CVE-2024-33302 | 2 Oretnom23, Sourcecodester | 2 Product Show Room Site, Product Show Room | 2025-04-22 | 5.3 Medium |
| SourceCodester Product Show Room 1.0 and before is vulnerable to Cross Site Scripting (XSS) via "Middle Name" under Add Users. | ||||
| CVE-2024-33303 | 2 Oretnom23, Sourcecodester | 2 Product Show Room Site, Product Show Room | 2025-04-22 | 8.2 High |
| SourceCodester Product Show Room 1.0 is vulnerable to Cross Site Scripting (XSS) via "First Name" under Add Users. | ||||
| CVE-2024-33305 | 1 Sourcecodester | 1 Laboratory Management System | 2025-04-22 | 6.1 Medium |
| SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "Middle Name" parameter in Create User. | ||||
| CVE-2024-7916 | 2 Nafisulbari, Sourcecodester | 2 Life Insurance Management System, Insurance Management System | 2025-04-22 | 3.5 Low |
| A vulnerability classified as problematic was found in nafisulbari/itsourcecode Insurance Management System 1.0. Affected by this vulnerability is an unknown functionality of the file addNominee.php of the component Add Nominee Page. The manipulation of the argument Nominee-Client ID leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-34220 | 2 Oretnom23, Sourcecodester | 2 Human Resource Management System, Human Resource Management System | 2025-04-18 | 7.5 High |
| Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injection via the 'leave' parameter. | ||||
| CVE-2024-34221 | 2 Oretnom23, Sourcecodester | 2 Human Resource Management System, Human Resource Management System | 2025-04-18 | 8.8 High |
| Sourcecodester Human Resource Management System 1.0 is vulnerable to Insecure Permissions resulting in privilege escalation. | ||||
| CVE-2024-34222 | 2 Oretnom23, Sourcecodester | 2 Human Resource Management System, Human Resource Management System | 2025-04-18 | 5.9 Medium |
| Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injection via the searccountry parameter. | ||||
| CVE-2024-34223 | 2 Oretnom23, Sourcecodester | 2 Human Resource Management System, Human Resource Management System | 2025-04-18 | 4.3 Medium |
| Insecure permission vulnerability in /hrm/leaverequest.php in SourceCodester Human Resource Management System 1.0 allow attackers to approve or reject leave ticket. | ||||
| CVE-2024-46377 | 2 Mayurik, Sourcecodester | 2 Best House Rental Management System, Best House Rental Management System | 2025-04-16 | 9.8 Critical |
| Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the save_settings() function of the file rental/admin_class.php. | ||||
| CVE-2024-34224 | 2 Oretnom23, Sourcecodester | 2 Computer Laboratory Management System, Computer Laboratory Management System | 2025-04-16 | 7.3 High |
| Cross Site Scripting vulnerability in /php-lms/classes/Users.php?f=save in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the firstname, middlename, lastname parameters. | ||||
| CVE-2023-49982 | 2 Oretnom23, Sourcecodester | 2 School Fees Management System, School Fees Management System | 2025-04-16 | 8.8 High |
| Broken access control in the component /admin/management/users of School Fees Management System v1.0 allows attackers to escalate privileges and perform Administrative actions, including adding and deleting user accounts. | ||||
| CVE-2024-31545 | 2 Oretnom23, Sourcecodester | 2 Computer Laboratory Management System, Computer Laboratory Management System | 2025-04-14 | 9.4 Critical |
| Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/?page=user/manage_user&id=6. | ||||
| CVE-2024-31546 | 2 Oretnom23, Sourcecodester | 2 Computer Laboratory Management System, Computer Laboratory Management System | 2025-04-14 | 9.8 Critical |
| Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/damage/view_damage.php. | ||||
| CVE-2024-35581 | 2 Oretnom23, Sourcecodester | 2 Computer Laboratory Management System, Laboratory Management System | 2025-04-11 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Borrower Name input field. | ||||
| CVE-2024-35582 | 2 Oretnom23, Sourcecodester | 2 Computer Laboratory Management System, Laboratory Management System | 2025-04-11 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Department input field. | ||||
| CVE-2024-35583 | 2 Oretnom23, Sourcecodester | 2 Computer Laboratory Management System, Laboratory Management System | 2025-04-11 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Remarks input field. | ||||