Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

SourceCodester — Vulnerabilities & Security Advisories 1769

Browse all 1769 CVE security advisories affecting SourceCodester. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SourceCodester operates as a repository for free and premium source code, scripts, and web applications, primarily serving developers seeking ready-made solutions for rapid deployment. This business model inherently exposes users to significant security risks, as the platform hosts thousands of projects with varying levels of code review. Historically, vulnerabilities found in these downloads frequently include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and SQL Injection, often stemming from outdated frameworks or unpatched dependencies. Privilege escalation flaws are also common, allowing attackers to bypass authentication mechanisms. While SourceCodester does not typically manage post-download security patches, the sheer volume of recorded CVEs highlights systemic issues in code quality assurance. Users relying on these resources must perform rigorous independent security audits, as the platform’s primary focus remains distribution rather than comprehensive vulnerability management or remediation support.

Top products by SourceCodester: Best Salon Management System Online Computer and Laptop Store Online Eyewear Shop Best House Rental Management System Online Tours & Travels Management System Pharmacy Sales and Inventory System Pet Grooming Management Software Kortex Lite Advocate Office Management System Pizzafy Ecommerce System Sales and Inventory System Web-based Pharmacy Product Management System Record Management System Clinics Patient Management System Prison Management System Lost and Found Information System Employee Management System Engineers Online Portal Student Result Management System Employee Task Management System Simple Online Bidding System Online Graduate Tracer System Inventory Management System AC Repair and Services System Food Ordering Management System Hotel and Lodge Management System Computer Laboratory Management System Online Courseware Gym Management System Canteen Management System Patients Waiting Area Queue Management System
CVE IDTitleCVSSSeverityPublished
CVE-2023-5790 SourceCodester File Manager App add-file.php unrestricted upload — File Manager AppCWE-434 6.3 Medium2023-10-26
CVE-2023-5589 SourceCodester Judging Management System login.php sql injection — Judging Management SystemCWE-89 7.3 High2023-10-15
CVE-2023-5587 SourceCodester Free Hospital Management System for Small Practices Parameter doctors.php sql injection — Free Hospital Management System for Small PracticesCWE-89 6.3 Medium2023-10-15
CVE-2023-5585 SourceCodester Online Motorcycle Rental System Bike List cross site scripting — Online Motorcycle Rental SystemCWE-79 2.4 Low2023-10-14
CVE-2023-5581 SourceCodester Medicine Tracker System index.php cross site scripting — Medicine Tracker SystemCWE-79 3.5 Low2023-10-14
CVE-2023-5580 SourceCodester Library System index.php sql injection — Library SystemCWE-89 6.3 Medium2023-10-14
CVE-2023-5423 SourceCodester Online Pizza Ordering System sql injection — Online Pizza Ordering SystemCWE-89 4.7 Medium2023-10-05
CVE-2023-5374 SourceCodester Online Computer and Laptop Store products.php sql injection — Online Computer and Laptop StoreCWE-89 6.3 Medium2023-10-04
CVE-2023-5373 SourceCodester Online Computer and Laptop Store Master.php register sql injection — Online Computer and Laptop StoreCWE-89 7.3 High2023-10-04
CVE-2023-5302 SourceCodester Best Courier Management System Manage Account Page cross site scripting — Best Courier Management SystemCWE-79 3.5 Low2023-09-30
CVE-2023-5286 SourceCodester Expense Tracker App Category add_category.php cross site scripting — Expense Tracker AppCWE-79 3.5 Low2023-09-29
CVE-2023-5284 SourceCodester Engineers Online Portal upload_save_student.php unrestricted upload — Engineers Online PortalCWE-434 6.3 Medium2023-09-29
CVE-2023-5283 SourceCodester Engineers Online Portal teacher_signup.php sql injection — Engineers Online PortalCWE-89 6.3 Medium2023-09-29
CVE-2023-5282 SourceCodester Engineers Online Portal seed_message_student.php sql injection — Engineers Online PortalCWE-89 6.3 Medium2023-09-29
CVE-2023-5281 SourceCodester Engineers Online Portal remove_inbox_message.php sql injection — Engineers Online PortalCWE-89 6.3 Medium2023-09-29
CVE-2023-5280 SourceCodester Engineers Online Portal my_students.php sql injection — Engineers Online PortalCWE-89 6.3 Medium2023-09-29
CVE-2023-5279 SourceCodester Engineers Online Portal my_classmates.php sql injection — Engineers Online PortalCWE-89 6.3 Medium2023-09-29
CVE-2023-5278 SourceCodester Engineers Online Portal login.php sql injection — Engineers Online PortalCWE-89 6.3 Medium2023-09-29
CVE-2023-5277 SourceCodester Engineers Online Portal student_avatar.php unrestricted upload — Engineers Online PortalCWE-434 6.3 Medium2023-09-29
CVE-2023-5276 SourceCodester Engineers Online Portal downloadable_student.php sql injection — Engineers Online PortalCWE-89 6.3 Medium2023-09-29
CVE-2023-5273 SourceCodester Best Courier Management System manage_parcel_status.php cross site scripting — Best Courier Management SystemCWE-79 3.5 Low2023-09-29
CVE-2023-5272 SourceCodester Best Courier Management System GET Parameter edit_parcel.php sql injection — Best Courier Management SystemCWE-89 5.5 Medium2023-09-29
CVE-2023-5271 SourceCodester Best Courier Management System edit_parcel.php sql injection — Best Courier Management SystemCWE-89 5.5 Medium2023-09-29
CVE-2023-5270 SourceCodester Best Courier Management System view_parcel.php sql injection — Best Courier Management SystemCWE-89 5.5 Medium2023-09-29
CVE-2023-5269 SourceCodester Best Courier Management System GET Parameter parcel_list.php sql injection — Best Courier Management SystemCWE-89 5.5 Medium2023-09-29
CVE-2023-5260 SourceCodester Simple Membership System group_validator.php sql injection — Simple Membership SystemCWE-89 6.3 Medium2023-09-29
CVE-2023-5034 SourceCodester My Food Recipe Image Upload index.php unrestricted upload — My Food RecipeCWE-434 6.3 Medium2023-09-18
CVE-2023-5027 SourceCodester Simple Membership System club_validator.php sql injection — Simple Membership SystemCWE-89 6.3 Medium2023-09-17
CVE-2023-5021 SourceCodester AC Repair and Services System cross site scripting — AC Repair and Services SystemCWE-79 3.5 Low2023-09-17
CVE-2023-5018 SourceCodester Lost and Found Information System POST Parameter sql injection — Lost and Found Information SystemCWE-89 6.3 Medium2023-09-17

This page lists every published CVE security advisory associated with SourceCodester. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.