Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

SourceCodester — Vulnerabilities & Security Advisories 1769

Browse all 1769 CVE security advisories affecting SourceCodester. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SourceCodester operates as a repository for free and premium source code, scripts, and web applications, primarily serving developers seeking ready-made solutions for rapid deployment. This business model inherently exposes users to significant security risks, as the platform hosts thousands of projects with varying levels of code review. Historically, vulnerabilities found in these downloads frequently include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and SQL Injection, often stemming from outdated frameworks or unpatched dependencies. Privilege escalation flaws are also common, allowing attackers to bypass authentication mechanisms. While SourceCodester does not typically manage post-download security patches, the sheer volume of recorded CVEs highlights systemic issues in code quality assurance. Users relying on these resources must perform rigorous independent security audits, as the platform’s primary focus remains distribution rather than comprehensive vulnerability management or remediation support.

Top products by SourceCodester: Best Salon Management System Online Computer and Laptop Store Online Eyewear Shop Best House Rental Management System Online Tours & Travels Management System Pharmacy Sales and Inventory System Pet Grooming Management Software Kortex Lite Advocate Office Management System Pizzafy Ecommerce System Sales and Inventory System Web-based Pharmacy Product Management System Record Management System Clinics Patient Management System Prison Management System Lost and Found Information System Employee Management System Engineers Online Portal Student Result Management System Employee Task Management System Simple Online Bidding System Online Graduate Tracer System Inventory Management System AC Repair and Services System Food Ordering Management System Hotel and Lodge Management System Computer Laboratory Management System Online Courseware Gym Management System Canteen Management System Patients Waiting Area Queue Management System
CVE IDTitleCVSSSeverityPublished
CVE-2023-1461 SourceCodester Canteen Management System createCategories.php query sql injection — Canteen Management SystemCWE-89 6.3 Medium2023-03-17
CVE-2023-1460 SourceCodester Online Pizza Ordering System Password Change improper authentication — Online Pizza Ordering SystemCWE-287 6.5 Medium2023-03-17
CVE-2023-1459 SourceCodester Canteen Management System changeUsername.php sql injection — Canteen Management SystemCWE-89 6.3 Medium2023-03-17
CVE-2023-1455 SourceCodester Online Pizza Ordering System Login Page sql injection — Online Pizza Ordering SystemCWE-89 5.6 Medium2023-03-17
CVE-2023-1447 SourceCodester Medicine Tracker System cross site scripting — Medicine Tracker SystemCWE-79 3.5 Low2023-03-17
CVE-2023-1441 SourceCodester Automatic Question Paper Generator System GET Parameter view_course.php sql injection — Automatic Question Paper Generator SystemCWE-89 6.3 Medium2023-03-17
CVE-2023-1440 SourceCodester Automatic Question Paper Generator System GET Parameter manage_user.php sql injection — Automatic Question Paper Generator SystemCWE-89 6.3 Medium2023-03-17
CVE-2023-1439 SourceCodester Medicine Tracker System GET Parameter view_details.php sql injection — Medicine Tracker SystemCWE-89 6.3 Medium2023-03-17
CVE-2023-1433 SourceCodester Gadget Works Online Ordering System Products unrestricted upload — Gadget Works Online Ordering SystemCWE-434 4.7 Medium2023-03-16
CVE-2023-1432 SourceCodester Online Food Ordering System POST Request access control — Online Food Ordering SystemCWE-284 7.3 High2023-03-16
CVE-2023-1418 SourceCodester Friendly Island Pizza Website and Ordering System POST Parameter cashconfirm.php cross site scripting — Friendly Island Pizza Website and Ordering SystemCWE-79 3.5 Low2023-03-15
CVE-2023-1379 SourceCodester Friendly Island Pizza Website and Ordering System POST Parameter addmem.php sql injection — Friendly Island Pizza Website and Ordering SystemCWE-89 6.3 Medium2023-03-15
CVE-2023-1407 SourceCodester Student Study Center Desk Management System manage_user.php sql injection — Student Study Center Desk Management SystemCWE-89 4.7 Medium2023-03-15
CVE-2023-1397 SourceCodester Online Student Management System profile.php cross site scripting — Online Student Management SystemCWE-79 3.5 Low2023-03-14
CVE-2023-1396 SourceCodester Online Tours & Travels Management System traveller_details.php cross site scripting — Online Tours & Travels Management SystemCWE-79 3.5 Low2023-03-14
CVE-2023-1395 SourceCodester Yoga Class Registration System list.php query cross site scripting — Yoga Class Registration SystemCWE-79 3.5 Low2023-03-14
CVE-2023-1394 SourceCodester Online Graduate Tracer System bsitemp.php mysqli_query sql injection — Online Graduate Tracer SystemCWE-89 6.3 Medium2023-03-14
CVE-2023-1392 SourceCodester Online Pizza Ordering System save_menu unrestricted upload — Online Pizza Ordering SystemCWE-434 6.3 Medium2023-03-14
CVE-2023-1391 SourceCodester Online Tours & Travels Management System ab.php unrestricted upload — Online Tours & Travels Management SystemCWE-434 4.7 Medium2023-03-14
CVE-2023-1378 SourceCodester Friendly Island Pizza Website and Ordering System POST Parameter paypalsuccess.php sql injection — Friendly Island Pizza Website and Ordering SystemCWE-89 6.3 Medium2023-03-13
CVE-2023-1366 SourceCodester Yoga Class Registration System manage_category.php query sql injection — Yoga Class Registration SystemCWE-89 6.3 Medium2023-03-13
CVE-2023-1365 SourceCodester Online Pizza Ordering System ajax.php sql injection — Online Pizza Ordering SystemCWE-89 7.3 High2023-03-13
CVE-2023-1364 SourceCodester Online Pizza Ordering System GET Parameter category.php sql injection — Online Pizza Ordering SystemCWE-89 6.3 Medium2023-03-13
CVE-2023-1363 SourceCodester Computer Parts Sales and Inventory System Add User Account cross site scripting — Computer Parts Sales and Inventory SystemCWE-79 3.5 Low2023-03-13
CVE-2023-1360 SourceCodester Employee Payslip Generator with Sending Mail New User Creation sql injection — Employee Payslip Generator with Sending MailCWE-89 4.7 Medium2023-03-12
CVE-2023-1359 SourceCodester Gadget Works Online Ordering System Add New User cross site scripting — Gadget Works Online Ordering SystemCWE-79 2.4 Low2023-03-12
CVE-2023-1358 SourceCodester Gadget Works Online Ordering System POST Parameter login.php sql injection — Gadget Works Online Ordering SystemCWE-89 6.3 Medium2023-03-12
CVE-2023-1357 SourceCodester Simple Bakery Shop Management System Admin Login sql injection — Simple Bakery Shop Management SystemCWE-89 7.3 High2023-03-12
CVE-2023-1354 SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System register.php cross site scripting — Design and Implementation of Covid-19 Directory on Vaccination SystemCWE-79 3.5 Low2023-03-11
CVE-2023-1353 SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System verification.php cross site scripting — Design and Implementation of Covid-19 Directory on Vaccination SystemCWE-79 3.5 Low2023-03-11

This page lists every published CVE security advisory associated with SourceCodester. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.