Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

SourceCodester — Vulnerabilities & Security Advisories 1769

Browse all 1769 CVE security advisories affecting SourceCodester. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SourceCodester operates as a repository for free and premium source code, scripts, and web applications, primarily serving developers seeking ready-made solutions for rapid deployment. This business model inherently exposes users to significant security risks, as the platform hosts thousands of projects with varying levels of code review. Historically, vulnerabilities found in these downloads frequently include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and SQL Injection, often stemming from outdated frameworks or unpatched dependencies. Privilege escalation flaws are also common, allowing attackers to bypass authentication mechanisms. While SourceCodester does not typically manage post-download security patches, the sheer volume of recorded CVEs highlights systemic issues in code quality assurance. Users relying on these resources must perform rigorous independent security audits, as the platform’s primary focus remains distribution rather than comprehensive vulnerability management or remediation support.

Top products by SourceCodester: Best Salon Management System Online Computer and Laptop Store Online Eyewear Shop Best House Rental Management System Online Tours & Travels Management System Pharmacy Sales and Inventory System Pet Grooming Management Software Kortex Lite Advocate Office Management System Pizzafy Ecommerce System Sales and Inventory System Web-based Pharmacy Product Management System Record Management System Clinics Patient Management System Prison Management System Lost and Found Information System Employee Management System Engineers Online Portal Student Result Management System Employee Task Management System Simple Online Bidding System Online Graduate Tracer System Inventory Management System AC Repair and Services System Food Ordering Management System Hotel and Lodge Management System Computer Laboratory Management System Online Courseware Gym Management System Canteen Management System Patients Waiting Area Queue Management System
CVE IDTitleCVSSSeverityPublished
CVE-2024-2059 SourceCodester Petrol Pump Management Software service_crud.php unrestricted upload — Petrol Pump Management SoftwareCWE-434 4.7 Medium2024-03-01
CVE-2024-2058 SourceCodester Petrol Pump Management Software product.php unrestricted upload — Petrol Pump Management SoftwareCWE-434 4.7 Medium2024-03-01
CVE-2024-1972 SourceCodester Online Job Portal EditProfile.php cross site scripting — Online Job PortalCWE-79 3.5 Low2024-02-28
CVE-2024-1970 SourceCodester Online Learning System V2 index.php cross site scripting — Online Learning System V2CWE-79 4.3 Medium2024-02-28
CVE-2024-1928 SourceCodester Web-Based Student Clearance System Edit User Profile Page edit-admin.php sql injection — Web-Based Student Clearance SystemCWE-89 4.7 Medium2024-02-27
CVE-2024-1927 SourceCodester Web-Based Student Clearance System login.php sql injection — Web-Based Student Clearance SystemCWE-89 6.3 Medium2024-02-27
CVE-2024-1926 SourceCodester Free and Open Source Inventory Management System search_sales_report.php sql injection — Free and Open Source Inventory Management SystemCWE-89 6.3 Medium2024-02-27
CVE-2024-1923 SourceCodester Simple Student Attendance System List of Classes Page ajax-api.php delete_student sql injection — Simple Student Attendance SystemCWE-89 6.3 Medium2024-02-27
CVE-2024-1922 SourceCodester Online Job Portal Manage Job Page ManageJob.php cross site scripting — Online Job PortalCWE-79 3.5 Low2024-02-27
CVE-2024-1919 SourceCodester Online Job Portal Manage Walkin Page ManageWalkin.php cross site scripting — Online Job PortalCWE-79 3.5 Low2024-02-27
CVE-2024-1878 SourceCodester Employee Management System myprofile.php sql injection — Employee Management SystemCWE-89 6.3 Medium2024-02-26
CVE-2024-1877 SourceCodester Employee Management System cancel.php sql injection — Employee Management SystemCWE-89 6.3 Medium2024-02-26
CVE-2024-1876 SourceCodester Employee Management System psubmit.php sql injection — Employee Management SystemCWE-89 7.3 High2024-02-26
CVE-2024-1875 SourceCodester Complaint Management System Lodge Complaint Section register-complaint.php unrestricted upload — Complaint Management SystemCWE-434 6.3 Medium2024-02-25
CVE-2024-1871 SourceCodester Employee Management System Project Assignment Report assignp.php cross site scripting — Employee Management SystemCWE-79 3.5 Low2024-02-24
CVE-2024-1834 SourceCodester Simple Student Attendance System ?page=attendance&class_id=1 cross site scripting — Simple Student Attendance SystemCWE-79 3.5 Low2024-02-23
CVE-2024-1833 SourceCodester Employee Management System login.php sql injection — Employee Management SystemCWE-89 7.3 High2024-02-23
CVE-2024-1832 SourceCodester Complete File Management System Admin Login Form sql injection — Complete File Management SystemCWE-89 7.3 High2024-02-23
CVE-2024-1831 SourceCodester Complete File Management System Login Form index.php sql injection — Complete File Management SystemCWE-89 7.3 High2024-02-23
CVE-2024-1269 SourceCodester Product Management System supplier.php cross site scripting — Product Management SystemCWE-79 2.4 Low2024-02-07
CVE-2024-1215 SourceCodester CRUD without Page Reload fetch_data.php cross site scripting — CRUD without Page ReloadCWE-79 3.5 Low2024-02-03
CVE-2024-1197 SourceCodester Testimonial Page Manager HTTP GET Request delete-testimonial.php sql injection — Testimonial Page ManagerCWE-89 7.3 High2024-02-02
CVE-2024-1196 SourceCodester Testimonial Page Manager HTTP POST Request add-testimonial.php cross site scripting — Testimonial Page ManagerCWE-79 4.3 Medium2024-02-02
CVE-2024-1111 SourceCodester QR Code Login System add-user.php cross site scripting — QR Code Login SystemCWE-79 4.3 Medium2024-01-31
CVE-2024-1028 SourceCodester Facebook News Feed Like Post cross site scripting — Facebook News Feed LikeCWE-79 3.5 Low2024-01-30
CVE-2024-1027 SourceCodester Facebook News Feed Like Post unrestricted upload — Facebook News Feed LikeCWE-434 6.3 Medium2024-01-30
CVE-2024-1024 SourceCodester Facebook News Feed Like New Account cross site scripting — Facebook News Feed LikeCWE-79 3.5 Low2024-01-30
CVE-2024-1011 SourceCodester Employee Management System Leave delete-leave.php access control — Employee Management SystemCWE-284 4.3 Medium2024-01-29
CVE-2024-1010 SourceCodester Employee Management System edit-profile.php cross site scripting — Employee Management SystemCWE-79 3.5 Low2024-01-29
CVE-2024-1009 SourceCodester Employee Management System login.php sql injection — Employee Management SystemCWE-89 7.3 High2024-01-29

This page lists every published CVE security advisory associated with SourceCodester. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.