Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

SourceCodester — Vulnerabilities & Security Advisories 1769

Browse all 1769 CVE security advisories affecting SourceCodester. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SourceCodester operates as a repository for free and premium source code, scripts, and web applications, primarily serving developers seeking ready-made solutions for rapid deployment. This business model inherently exposes users to significant security risks, as the platform hosts thousands of projects with varying levels of code review. Historically, vulnerabilities found in these downloads frequently include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and SQL Injection, often stemming from outdated frameworks or unpatched dependencies. Privilege escalation flaws are also common, allowing attackers to bypass authentication mechanisms. While SourceCodester does not typically manage post-download security patches, the sheer volume of recorded CVEs highlights systemic issues in code quality assurance. Users relying on these resources must perform rigorous independent security audits, as the platform’s primary focus remains distribution rather than comprehensive vulnerability management or remediation support.

Top products by SourceCodester: Best Salon Management System Online Computer and Laptop Store Online Eyewear Shop Best House Rental Management System Online Tours & Travels Management System Pharmacy Sales and Inventory System Pet Grooming Management Software Kortex Lite Advocate Office Management System Pizzafy Ecommerce System Sales and Inventory System Web-based Pharmacy Product Management System Record Management System Clinics Patient Management System Prison Management System Lost and Found Information System Employee Management System Engineers Online Portal Student Result Management System Employee Task Management System Simple Online Bidding System Online Graduate Tracer System Inventory Management System AC Repair and Services System Food Ordering Management System Hotel and Lodge Management System Computer Laboratory Management System Online Courseware Gym Management System Canteen Management System Patients Waiting Area Queue Management System
CVE IDTitleCVSSSeverityPublished
CVE-2026-1154 SourceCodester E-Learning System Lesson index.php cross site scripting — E-Learning SystemCWE-80 4.3 Medium2026-01-19
CVE-2026-1148 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System cross-site request forgery — Patients Waiting Area Queue Management SystemCWE-352 4.3 Medium2026-01-19
CVE-2026-1147 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System api_patient_schedule.php cross site scripting — Patients Waiting Area Queue Management SystemCWE-79 3.5 Low2026-01-19
CVE-2026-1146 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System api_register_patient.php cross site scripting — Patients Waiting Area Queue Management SystemCWE-79 3.5 Low2026-01-19
CVE-2026-0580 SourceCodester API Key Manager App Import Key cross site scripting — API Key Manager AppCWE-79 3.5 Low2026-01-05
CVE-2025-14885 SourceCodester Client Database Management System Leads Generation user_leads.php unrestricted upload — Client Database Management SystemCWE-434 6.3 Medium2025-12-18
CVE-2025-14530 SourceCodester Real Estate Property Listing App property.php unrestricted upload — Real Estate Property Listing AppCWE-434 4.7 Medium2025-12-11
CVE-2025-14229 SourceCodester Inventory Management System SVC Report Export csv injection — Inventory Management SystemCWE-1236 4.7 Medium2025-12-08
CVE-2025-14221 SourceCodester Online Banking System page cross site scripting — Online Banking SystemCWE-79 3.5 Low2025-12-08
CVE-2025-14206 SourceCodester Online Student Clearance System Fee Table delete-fee.php improper authorization — Online Student Clearance SystemCWE-285 6.5 Medium2025-12-08
CVE-2025-13586 SourceCodester Online Student Clearance System changepassword.php sql injection — Online Student Clearance SystemCWE-89 4.7 Medium2025-11-24
CVE-2025-13565 SourceCodester Inventory Management System resetPassword.php password recovery — Inventory Management SystemCWE-640 5.3 Medium2025-11-23
CVE-2025-13564 SourceCodester Pre-School Management System FilehelperController.php removefile denial of service — Pre-School Management SystemCWE-404 5.4 Medium2025-11-23
CVE-2025-13561 SourceCodester Company Website CMS index.php sql injection — Company Website CMSCWE-89 7.3 High2025-11-23
CVE-2025-13560 SourceCodester Company Website CMS reset-password.php sql injection — Company Website CMSCWE-89 7.3 High2025-11-23
CVE-2025-13468 SourceCodester Alumni Management System Delete admin_class.php delete_event authorization — Alumni Management SystemCWE-862 5.4 Medium2025-11-20
CVE-2025-13451 SourceCodester Online Shop Project action.php sql injection — Online Shop ProjectCWE-89 7.3 High2025-11-20
CVE-2025-13450 SourceCodester Online Shop Project register.php cross site scripting — Online Shop ProjectCWE-79 3.5 Low2025-11-20
CVE-2025-13349 SourceCodester Student Grades Management System Add New Grade grades.php cross site scripting — Student Grades Management SystemCWE-79 3.5 Low2025-11-18
CVE-2025-13347 SourceCodester Train Station Ticketing System ajax.php sql injection — Train Station Ticketing SystemCWE-89 6.3 Medium2025-11-18
CVE-2025-13346 SourceCodester Train Station Ticketing System ajax.php sql injection — Train Station Ticketing SystemCWE-89 6.3 Medium2025-11-18
CVE-2025-13345 SourceCodester Train Station Ticketing System ajax.php sql injection — Train Station Ticketing SystemCWE-89 6.3 Medium2025-11-18
CVE-2025-13344 SourceCodester Train Station Ticketing System ajax.php sql injection — Train Station Ticketing SystemCWE-89 7.3 High2025-11-18
CVE-2025-13343 SourceCodester Interview Management System editQuestion.php cross site scripting — Interview Management SystemCWE-79 3.5 Low2025-11-18
CVE-2025-13267 SourceCodester Dental Clinic Appointment Reservation System success.php sql injection — Dental Clinic Appointment Reservation SystemCWE-89 6.3 Medium2025-11-17
CVE-2025-13264 SourceCodester Online Magazine Management System view_magazine.php sql injection — Online Magazine Management SystemCWE-89 6.3 Medium2025-11-17
CVE-2025-13263 SourceCodester Online Magazine Management System categories.php sql injection — Online Magazine Management SystemCWE-89 6.3 Medium2025-11-17
CVE-2025-13248 SourceCodester Patients Waiting Area Queue Management System api_patient_schedule.php sql injection — Patients Waiting Area Queue Management SystemCWE-89 7.3 High2025-11-16
CVE-2025-13200 SourceCodester Farm Management System exposure of information through directory listing — Farm Management SystemCWE-548 5.3 Medium2025-11-15
CVE-2025-13122 SourceCodester Patients Waiting Area Queue Management System api_patient_checkin.php getPatientAppointment sql injection — Patients Waiting Area Queue Management SystemCWE-89 7.3 High2025-11-13

This page lists every published CVE security advisory associated with SourceCodester. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.