SourceCodester — Vulnerabilities & Security Advisories (1769)

Browse all 1769 CVE security advisories affecting SourceCodester. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SourceCodester operates as a repository for free and premium source code, scripts, and web applications, primarily serving developers seeking ready-made solutions for rapid deployment. This business model inherently exposes users to significant security risks, as the platform hosts thousands of projects with varying levels of code review. Historically, vulnerabilities found in these downloads frequently include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and SQL Injection, often stemming from outdated frameworks or unpatched dependencies. Privilege escalation flaws are also common, allowing attackers to bypass authentication mechanisms. While SourceCodester does not typically manage post-download security patches, the sheer volume of recorded CVEs highlights systemic issues in code quality assurance. Users relying on these resources must perform rigorous independent security audits, as the platform’s primary focus remains distribution rather than comprehensive vulnerability management or remediation support.

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2022-2748 | SourceCodester Simple Online Book Store System edit.php cross site scripting — Simple Online Book Store System | CWE-79 | 3.5 | Low | 2022-08-11 |
| CVE-2022-2747 | SourceCodester Simple Online Book Store book.php sql injection — Simple Online Book Store | CWE-89 | 6.3 | Medium | 2022-08-11 |
| CVE-2022-2746 | SourceCodester Simple Online Book Store System Admin_ add.php unrestricted upload — Simple Online Book Store System | CWE-434 | 6.3 | Medium | 2022-08-11 |
| CVE-2022-2745 | SourceCodester Gym Management System Add New Trainer add_trainers.php sql injection — Gym Management System | CWE-89 | 6.3 | Medium | 2022-08-11 |
| CVE-2022-2744 | SourceCodester Gym Management System Background Management add_exercises.php unrestricted upload — Gym Management System | CWE-434 | 6.3 | Medium | 2022-08-11 |
| CVE-2022-2740 | SourceCodester Company Website CMS Add Blog add-blog.php unrestricted upload — Company Website CMS | CWE-434 | 6.3 | Medium | 2022-08-11 |
| CVE-2022-2736 | SourceCodester Company Website CMS Background Upload Logo Icon updatelogo.php unrestricted upload — Company Website CMS | CWE-434 | 6.3 | Medium | 2022-08-11 |
| CVE-2022-2728 | SourceCodester Gym Management System index.php sql injection — Gym Management System | CWE-89 | 6.3 | Medium | 2022-08-09 |
| CVE-2022-2727 | SourceCodester Gym Management System login.php sql injection — Gym Management System | CWE-89 | 6.3 | Medium | 2022-08-09 |
| CVE-2022-2725 | SourceCodester Company Website CMS add-blog.php cross site scripting — Company Website CMS | CWE-79 | 3.5 | Low | 2022-08-09 |
| CVE-2022-2724 | SourceCodester Employee Management System aprocess.php sql injection — Employee Management System | CWE-89 | 6.3 | Medium | 2022-08-09 |
| CVE-2022-2723 | SourceCodester Employee Management System eprocess.php sql injection — Employee Management System | CWE-89 | 6.3 | Medium | 2022-08-09 |
| CVE-2022-2722 | SourceCodester Simple Student Information System manage_course.php sql injection — Simple Student Information System | CWE-89 | 6.3 | Medium | 2022-08-09 |
| CVE-2022-2715 | SourceCodester Employee Management System eloginwel.php sql injection — Employee Management System | CWE-89 | 6.3 | Medium | 2022-08-09 |
| CVE-2022-2708 | SourceCodester Gym Management System login.php sql injection — Gym Management System | CWE-89 | 5.5 | Medium | 2022-08-08 |
| CVE-2022-2707 | SourceCodester Online Class and Exam Scheduling System faculty_sched.php sql injection — Online Class and Exam Scheduling System | CWE-89 | 6.3 | Medium | 2022-08-08 |
| CVE-2022-2706 | SourceCodester Online Class and Exam Scheduling System class_sched.php sql injection — Online Class and Exam Scheduling System | CWE-89 | 6.3 | Medium | 2022-08-08 |
| CVE-2022-2705 | SourceCodester Simple Student Information System manage_department.php sql injection — Simple Student Information System | CWE-89 | 6.3 | Medium | 2022-08-08 |
| CVE-2022-2704 | SourceCodester Simple E-Learning System downloadFiles.php information disclosure — Simple E-Learning System | CWE-200 | 4.3 | Medium | 2022-08-08 |
| CVE-2022-2703 | SourceCodester Gym Management System Exercises Module sql injection — Gym Management System | CWE-89 | 6.3 | Medium | 2022-08-08 |
| CVE-2022-2702 | SourceCodester Company Website CMS Cookie site-settings.php access control — Company Website CMS | CWE-284 | 7.3 | High | 2022-08-08 |
| CVE-2022-2701 | SourceCodester Simple E-Learning System claire_blake cross site scripting — Simple E-Learning System | CWE-79 | 3.5 | Low | 2022-08-08 |
| CVE-2022-2700 | SourceCodester Gym Management System GET Parameter sql injection — Gym Management System | CWE-89 | 4.7 | Medium | 2022-08-08 |
| CVE-2022-2699 | SourceCodester Simple E-Learning System claire_blake sql injection — Simple E-Learning System | CWE-89 | 6.3 | Medium | 2022-08-08 |
| CVE-2022-2698 | SourceCodester Simple E-Learning System search.php sql injection — Simple E-Learning System | CWE-89 | 6.3 | Medium | 2022-08-07 |
| CVE-2022-2697 | SourceCodester Simple E-Learning System comment_frame.php sql injection — Simple E-Learning System | CWE-89 | 6.3 | Medium | 2022-08-07 |
| CVE-2022-2694 | SourceCodester Company Website CMS unrestricted upload — Company Website CMS | CWE-434 | 6.3 | Medium | 2022-08-06 |
| CVE-2022-2693 | SourceCodester Electronic Medical Records System UPDATE Statement register.php sql injection — Electronic Medical Records System | CWE-89 | 6.3 | Medium | 2022-08-06 |
| CVE-2022-2692 | SourceCodester Wedding Hall Booking System Staff User Profile cross site scripting — Wedding Hall Booking System | CWE-79 | 3.5 | Low | 2022-08-06 |
| CVE-2022-2691 | SourceCodester Wedding Hall Booking System Profile Page cross site scripting — Wedding Hall Booking System | CWE-79 | 3.5 | Low | 2022-08-06 |

This page lists every published CVE security advisory associated with SourceCodester. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.