Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

SourceCodester — Vulnerabilities & Security Advisories 1769

Browse all 1769 CVE security advisories affecting SourceCodester. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SourceCodester operates as a repository for free and premium source code, scripts, and web applications, primarily serving developers seeking ready-made solutions for rapid deployment. This business model inherently exposes users to significant security risks, as the platform hosts thousands of projects with varying levels of code review. Historically, vulnerabilities found in these downloads frequently include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and SQL Injection, often stemming from outdated frameworks or unpatched dependencies. Privilege escalation flaws are also common, allowing attackers to bypass authentication mechanisms. While SourceCodester does not typically manage post-download security patches, the sheer volume of recorded CVEs highlights systemic issues in code quality assurance. Users relying on these resources must perform rigorous independent security audits, as the platform’s primary focus remains distribution rather than comprehensive vulnerability management or remediation support.

Top products by SourceCodester: Best Salon Management System Online Computer and Laptop Store Online Eyewear Shop Best House Rental Management System Online Tours & Travels Management System Pharmacy Sales and Inventory System Pet Grooming Management Software Kortex Lite Advocate Office Management System Pizzafy Ecommerce System Sales and Inventory System Web-based Pharmacy Product Management System Record Management System Clinics Patient Management System Prison Management System Lost and Found Information System Employee Management System Engineers Online Portal Student Result Management System Employee Task Management System Simple Online Bidding System Online Graduate Tracer System Inventory Management System AC Repair and Services System Food Ordering Management System Hotel and Lodge Management System Computer Laboratory Management System Online Courseware Gym Management System Canteen Management System Patients Waiting Area Queue Management System
CVE IDTitleCVSSSeverityPublished
CVE-2026-4574 SourceCodester Simple E-learning System User Profile Update sql injection — Simple E-learning SystemCWE-89 6.3 Medium2026-03-23
CVE-2026-4573 SourceCodester Simple E-learning System HTTP GET Parameter delete_post.php sql injection — Simple E-learning SystemCWE-89 6.3 Medium2026-03-23
CVE-2026-4572 SourceCodester Sales and Inventory System HTTP POST Request view_product.php sql injection — Sales and Inventory SystemCWE-89 6.3 Medium2026-03-23
CVE-2026-4571 SourceCodester Sales and Inventory System HTTP POST Request view_payments.php sql injection — Sales and Inventory SystemCWE-89 6.3 Medium2026-03-23
CVE-2026-4570 SourceCodester Sales and Inventory System HTTP POST Request view_customers.php sql injection — Sales and Inventory SystemCWE-89 6.3 Medium2026-03-23
CVE-2026-4569 SourceCodester Sales and Inventory System HTTP POST Request view_category.php sql injection — Sales and Inventory SystemCWE-89 6.3 Medium2026-03-23
CVE-2026-4568 SourceCodester Sales and Inventory System HTTP GET Request update_supplier.php sql injection — Sales and Inventory SystemCWE-89 6.3 Medium2026-03-23
CVE-2026-4013 SourceCodester Web-based Pharmacy Product Management System add_admin.php improper authorization — Web-based Pharmacy Product Management SystemCWE-285 6.3 Medium2026-03-12
CVE-2026-3819 SourceCodester Resort Reservation System Reservation Management page cross site scripting — Resort Reservation SystemCWE-79 3.5 Low2026-03-09
CVE-2026-3817 SourceCodester Patients Waiting Area Queue Management System patient-search.php improper authorization — Patients Waiting Area Queue Management SystemCWE-285 5.3 Medium2026-03-09
CVE-2026-3806 SourceCodester/janobe Resort Reservation System room_rates.php sql injection — Resort Reservation SystemCWE-89 6.3 Medium2026-03-09
CVE-2026-3800 SourceCodester/janobe Resort Reservation System controller.php doInsert unrestricted upload — Resort Reservation SystemCWE-434 6.3 Medium2026-03-09
CVE-2026-3793 SourceCodester Sales and Inventory System GET Parameter sales_invoice1.php sql injection — Sales and Inventory SystemCWE-89 6.3 Medium2026-03-09
CVE-2026-3792 SourceCodester Sales and Inventory System GET Parameter purchase_invoice.php sql injection — Sales and Inventory SystemCWE-89 6.3 Medium2026-03-09
CVE-2026-3791 SourceCodester Sales and Inventory System Search dashboard.php sql injection — Sales and Inventory SystemCWE-89 6.3 Medium2026-03-09
CVE-2026-3790 SourceCodester Sales and Inventory System POST Parameter check_supplier_details.php sql injection — Sales and Inventory SystemCWE-89 6.3 Medium2026-03-09
CVE-2026-3771 SourceCodester/janobe Resort Reservation System accomodation.php sql injection — Resort Reservation SystemCWE-89 6.3 Medium2026-03-08
CVE-2026-3770 SourceCodester Computer Laboratory Management System cross-site request forgery — Computer Laboratory Management SystemCWE-352 4.3 Medium2026-03-08
CVE-2026-3766 SourceCodester Web-based Pharmacy Product Management System edit-profile.php cross site scripting — Web-based Pharmacy Product Management SystemCWE-79 3.5 Low2026-03-08
CVE-2026-3764 SourceCodester Client Database Management System superadmin_user_update.php improper authorization — Client Database Management SystemCWE-285 7.3 High2026-03-08
CVE-2026-3762 SourceCodester Client Database Management System Endpoint superadmin_delete_manager.php improper authorization — Client Database Management SystemCWE-285 7.3 High2026-03-08
CVE-2026-3761 SourceCodester Client Database Management System Endpoint superadmin_user_delete.php improper authorization — Client Database Management SystemCWE-285 5.4 Medium2026-03-08
CVE-2026-3756 SourceCodester Sales and Inventory System check_item_details.php sql injection — Sales and Inventory SystemCWE-89 6.3 Medium2026-03-08
CVE-2026-3755 SourceCodester Sales and Inventory System POST check_customer_details.php sql injection — Sales and Inventory SystemCWE-89 6.3 Medium2026-03-08
CVE-2026-3754 SourceCodester Sales and Inventory System add_stock.php sql injection — Sales and Inventory SystemCWE-89 6.3 Medium2026-03-08
CVE-2026-3753 SourceCodester Sales and Inventory System add_sales_print.php sql injection — Sales and Inventory SystemCWE-89 6.3 Medium2026-03-08
CVE-2026-3752 SourceCodester Employee Task Management System GET Parameter daily-task-report.php sql injection — Employee Task Management SystemCWE-89 4.7 Medium2026-03-08
CVE-2026-3751 SourceCodester Employee Task Management System GET Parameter daily-attendance-report.php sql injection — Employee Task Management SystemCWE-89 4.7 Medium2026-03-08
CVE-2026-3746 SourceCodester Simple Responsive Tourism Website Login Login.php sql injection — Simple Responsive Tourism WebsiteCWE-89 7.3 High2026-03-08
CVE-2026-3738 SourceCodester Pet Grooming Management Software Financial Report improper authorization — Pet Grooming Management SoftwareCWE-285 6.3 Medium2026-03-08

This page lists every published CVE security advisory associated with SourceCodester. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.