
SourceCodester — Vulnerabilities & Security Advisories (1769)

Browse all 1769 CVE security advisories affecting SourceCodester. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SourceCodester operates as a repository for free and premium source code, scripts, and web applications, primarily serving developers seeking ready-made solutions for rapid deployment. This business model inherently exposes users to significant security risks, as the platform hosts thousands of projects with varying levels of code review. Historically, vulnerabilities found in these downloads frequently include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and SQL Injection, often stemming from outdated frameworks or unpatched dependencies. Privilege escalation flaws are also common, allowing attackers to bypass authentication mechanisms. While SourceCodester does not typically manage post-download security patches, the sheer volume of recorded CVEs highlights systemic issues in code quality assurance. Users relying on these resources must perform rigorous independent security audits, as the platform’s primary focus remains distribution rather than comprehensive vulnerability management or remediation support.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2024-1008 | SourceCodester Employee Management System Profile Page edit-photo.php unrestricted upload | Employee Management System | CWE-434 | 4.7 | Medium | 2024-01-29 |
| CVE-2024-1007 | SourceCodester Employee Management System edit_profile.php sql injection | Employee Management System | CWE-89 | 6.3 | Medium | 2024-01-29 |
| CVE-2024-0884 | SourceCodester Online Tours & Travels Management System payment.php exec sql injection | Online Tours & Travels Management System | CWE-89 | 4.7 | Medium | 2024-01-25 |
| CVE-2024-0883 | SourceCodester Online Tours & Travels Management System pay.php prepare sql injection | Online Tours & Travels Management System | CWE-89 | 6.3 | Medium | 2024-01-25 |
| CVE-2024-0735 | SourceCodester Online Tours & Travels Management System expense.php exec sql injection | Online Tours & Travels Management System | CWE-89 | 6.3 | Medium | 2024-01-19 |
| CVE-2024-0502 | SourceCodester House Rental Management System Edit User manage_user.php sql injection | House Rental Management System | CWE-89 | 4.7 | Medium | 2024-01-13 |
| CVE-2024-0501 | SourceCodester House Rental Management System Manage Invoice Details cross site scripting | House Rental Management System | CWE-79 | 2.4 | Low | 2024-01-13 |
| CVE-2024-0500 | SourceCodester House Rental Management System Manage Tenant Details cross site scripting | House Rental Management System | CWE-79 | 2.4 | Low | 2024-01-13 |
| CVE-2024-0499 | SourceCodester House Rental Management System index.php cross site scripting | House Rental Management System | CWE-79 | 2.4 | Low | 2024-01-13 |
| CVE-2024-0389 | SourceCodester Student Attendance System attendance_report.php sql injection | Student Attendance System | CWE-89 | 6.3 | Medium | 2024-01-10 |
| CVE-2024-0351 | SourceCodester Engineers Online Portal session fixiation | Engineers Online Portal | CWE-384 | 3.1 | Low | 2024-01-09 |
| CVE-2024-0350 | SourceCodester Engineers Online Portal session expiration | Engineers Online Portal | CWE-613 | 3.1 | Low | 2024-01-09 |
| CVE-2024-0349 | SourceCodester Engineers Online Portal missing secure attribute | Engineers Online Portal | CWE-614 | 3.7 | Low | 2024-01-09 |
| CVE-2024-0348 | SourceCodester Engineers Online Portal File Upload resource consumption | Engineers Online Portal | CWE-400 | 4.3 | Medium | 2024-01-09 |
| CVE-2024-0347 | SourceCodester Engineers Online Portal signup_teacher.php weak password | Engineers Online Portal | CWE-521 | 3.7 | Low | 2024-01-09 |
| CVE-2024-0265 | SourceCodester Clinic Queuing System GET Parameter index.php file inclusion | Clinic Queuing System | CWE-73 | 6.3 | Medium | 2024-01-07 |
| CVE-2024-0264 | SourceCodester Clinic Queuing System LoginRegistration.php authorization | Clinic Queuing System | CWE-639 | 7.3 | High | 2024-01-07 |
| CVE-2024-0260 | SourceCodester Engineers Online Portal Password Change change_password_teacher.php session expiration | Engineers Online Portal | CWE-613 | 4.3 | Medium | 2024-01-07 |
| CVE-2024-0182 | SourceCodester Engineers Online Portal Admin Login sql injection | Engineers Online Portal | CWE-89 | 7.3 | High | 2024-01-01 |
| CVE-2023-7160 | SourceCodester Engineers Online Portal Add Engineer cross site scripting | Engineers Online Portal | CWE-79 | 2.4 | Low | 2023-12-29 |
| CVE-2023-7157 | SourceCodester Free and Open Source Inventory Management System sell_return_data.php sql injection | Free and Open Source Inventory Management System | CWE-89 | 6.3 | Medium | 2023-12-29 |
| CVE-2023-7155 | SourceCodester Free and Open Source Inventory Management System edit_product.php sql injection | Free and Open Source Inventory Management System | CWE-89 | 6.3 | Medium | 2023-12-29 |
| CVE-2023-7134 | SourceCodester Medicine Tracking System path traversal | Medicine Tracking System | CWE-24 | 6.3 | Medium | 2023-12-28 |
| CVE-2023-7123 | SourceCodester Medicine Tracking System sql injection | Medicine Tracking System | CWE-89 | 6.3 | Medium | 2023-12-27 |
| CVE-2023-7059 | SourceCodester School Visitor Log e-Book log-book.php cross site scripting | School Visitor Log e-Book | CWE-79 | 3.5 | Low | 2023-12-22 |
| CVE-2023-7058 | SourceCodester Simple Student Attendance System path traversal | Simple Student Attendance System | CWE-24 | 6.3 | Medium | 2023-12-22 |
| CVE-2023-6945 | SourceCodester Online Student Management System edit-student-detail.php cross site scripting | Online Student Management System | CWE-79 | 2.4 | Low | 2023-12-19 |
| CVE-2023-6898 | SourceCodester Best Courier Management System manage_user.php sql injection | Best Courier Management System | CWE-89 | 5.5 | Medium | 2023-12-17 |
| CVE-2023-6896 | SourceCodester Simple Image Stack Website cross site scripting | Simple Image Stack Website | CWE-79 | 3.5 | Low | 2023-12-17 |
| CVE-2023-6771 | SourceCodester Simple Student Attendance System actions.class.php save_attendance sql injection | Simple Student Attendance System | CWE-89 | 5.5 | Medium | 2023-12-13 |

This page lists every published CVE security advisory associated with SourceCodester. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.