ReportizFlow
Filtered by vendor Sourcecodester
Subscriptions
Total
717 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-7410 | 1 Sourcecodester | 1 Pizzafy Ecommerce System | 2026-05-04 | 6.3 Medium |
| A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=add_to_cart. The manipulation of the argument pid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-7409 | 1 Sourcecodester | 1 Pizzafy Ecommerce System | 2026-04-30 | 4.7 Medium |
| A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function save_user of the file /admin/ajax.php?action=save_user. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used. | ||||
| CVE-2026-7408 | 1 Sourcecodester | 1 Pizzafy Ecommerce System | 2026-04-30 | 4.7 Medium |
| A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function save_menu of the file /admin/ajax.php?action=save_menu. Performing a manipulation results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used. | ||||
| CVE-2026-7391 | 1 Sourcecodester | 1 Pharmacy Sales And Inventory System | 2026-04-30 | 6.3 Medium |
| A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function save_supplier of the file /ajax.php?action=save_supplier. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used. | ||||
| CVE-2026-7407 | 1 Sourcecodester | 1 Pizzafy Ecommerce System | 2026-04-30 | 4.7 Medium |
| A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function save_settings of the file /pizzafy/admin/ajax.php?action=save_settings of the component Setting Handler. Such manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-7447 | 1 Sourcecodester | 1 Pet Grooming Management Software | 2026-04-30 | 6.3 Medium |
| A flaw has been found in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code of the file /admin/update_customer.php. This manipulation of the argument type/length/business parameter validity causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. | ||||
| CVE-2026-7401 | 1 Sourcecodester | 1 Cet Automated Grading System With Ai Predictive Analytics | 2026-04-30 | 4.3 Medium |
| A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=register of the component Registration. The manipulation of the argument student_id/full_name/section/username results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used. | ||||
| CVE-2026-7394 | 1 Sourcecodester | 1 Pizzafy Ecommerce System | 2026-04-29 | 4.7 Medium |
| A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/view_order.php of the component GET Parameter Handler. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-7390 | 1 Sourcecodester | 1 Pharmacy Sales And Inventory System | 2026-04-29 | 3.5 Low |
| A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function Customer of the file /index.php?page=customer. The manipulation of the argument Name results in cross site scripting. The attack may be launched remotely. The exploit is now public and may be used. | ||||
| CVE-2026-7392 | 1 Sourcecodester | 1 Pharmacy Sales And Inventory System | 2026-04-29 | 6.3 Medium |
| A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function delete_supplier of the file /ajax.php?action=delete_supplier. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-7393 | 1 Sourcecodester | 1 Pizzafy Ecommerce System | 2026-04-29 | 4.7 Medium |
| A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function save_menu of the file /admin/admin_class_novo.php of the component File Extension Handler. Performing a manipulation of the argument img results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-7264 | 1 Sourcecodester | 1 Pizzafy Ecommerce System | 2026-04-29 | 6.3 Medium |
| A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function get_cart_items of the file /admin/ajax.php?action=get_cart_items. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-7295 | 1 Sourcecodester | 1 Pizzafy Ecommerce System | 2026-04-29 | 2.4 Low |
| A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function save_menu of the file /admin/ajax.php?action=save_menu. Such manipulation of the argument Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-7225 | 1 Sourcecodester | 1 Pizzafy Ecommerce System | 2026-04-29 | 7.3 High |
| A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function delete_menu of the file /admin/ajax.php?action=delete_menu. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-7294 | 1 Sourcecodester | 1 Pizzafy Ecommerce System | 2026-04-29 | 2.4 Low |
| A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function save_settings of the file /admin/index.php?page=save_settings. This manipulation of the argument Name causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. | ||||
| CVE-2026-7269 | 1 Sourcecodester | 1 Pharmacy Sales And Inventory System | 2026-04-29 | 2.4 Low |
| A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /index.php?page=product. Performing a manipulation of the argument ID results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-7230 | 1 Sourcecodester | 1 Safety Anger Pad | 2026-04-29 | 4.3 Medium |
| A vulnerability was found in SourceCodester Safety Anger Pad 1.0. The affected element is an unknown function. The manipulation of the argument angerDisplay results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be used. | ||||
| CVE-2026-7224 | 1 Sourcecodester | 1 Pizzafy Ecommerce System | 2026-04-29 | 7.3 High |
| A security flaw has been discovered in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function delete_cart of the file /admin/ajax.php?action=delete_cart. Performing a manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-7127 | 1 Sourcecodester | 1 Pharmacy Sales And Inventory System | 2026-04-29 | 7.3 High |
| A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=delete_receiving. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-7087 | 1 Sourcecodester | 1 Pharmacy Sales And Inventory System | 2026-04-29 | 7.3 High |
| A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=save_sales. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. | ||||