Filtered by vendor Janobe
Subscribe
Total
170 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-12294 | 1 Janobe | 1 Point Of Sales | 2026-04-29 | 5.8 MEDIUM | 4.7 MEDIUM |
| A security flaw has been discovered in SourceCodester Point of Sales 1.0. Impacted is an unknown function of the file /delete_category.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. | |||||
| CVE-2026-2087 | 1 Janobe | 1 Online Class Record System | 2026-04-29 | 7.5 HIGH | 7.3 HIGH |
| A flaw has been found in SourceCodester Online Class Record System 1.0. Affected by this issue is some unknown functionality of the file /admin/login.php. This manipulation of the argument user_email causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used. | |||||
| CVE-2025-12293 | 1 Janobe | 1 Point Of Sales | 2026-04-29 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was identified in SourceCodester Point of Sales 1.0. This issue affects some unknown processing of the file /category.php. Such manipulation of the argument Category leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used. | |||||
| CVE-2025-11480 | 1 Janobe | 1 Simple E-commerce Bookstore | 2026-04-29 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was detected in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /register.php. Performing manipulation of the argument register_username results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. | |||||
| CVE-2026-2090 | 1 Janobe | 1 Online Class Record System | 2026-04-29 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was determined in SourceCodester Online Class Record System 1.0. This issue affects some unknown processing of the file /admin/message/search.php. Executing a manipulation of the argument term can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2025-13233 | 1 Janobe | 1 Inventory Management System | 2026-04-29 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /index.php?q=single-item. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2026-1154 | 1 Janobe | 1 E-learning System | 2026-04-29 | 5.0 MEDIUM | 4.3 MEDIUM |
| A flaw has been found in SourceCodester E-Learning System 1.0. This impacts an unknown function of the file /admin/modules/lesson/index.php of the component Lesson Module Handler. Executing a manipulation of the argument Title/Description can lead to basic cross site scripting. The attack can be executed remotely. The exploit has been published and may be used. | |||||
| CVE-2025-10479 | 1 Janobe | 1 Online Student File Management System | 2026-04-29 | 7.5 HIGH | 7.3 HIGH |
| A security flaw has been discovered in SourceCodester Online Student File Management System 1.0. The impacted element is an unknown function of the file /index.php. Performing manipulation of the argument stud_no results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be exploited. | |||||
| CVE-2025-10627 | 1 Janobe | 1 Online Exam Form Submission | 2026-04-29 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability has been found in SourceCodester Online Exam Form Submission 1.0. This affects an unknown part of the file /admin/delete_user.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2021-41646 | 1 Janobe | 1 Online Reviewer System | 2026-04-14 | 7.5 HIGH | 9.8 CRITICAL |
| Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading a maliciously crafted PHP file that bypasses the image upload filters.. | |||||
| CVE-2023-2596 | 1 Janobe | 1 Online Reviewer System | 2026-04-14 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in SourceCodester Online Reviewer System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /reviewer/system/system/admins/manage/users/user-update.php of the component GET Parameter Handler. The manipulation of the argument user_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-228398 is the identifier assigned to this vulnerability. | |||||
| CVE-2021-27130 | 1 Janobe | 1 Online Reviewer System | 2026-04-14 | 7.5 HIGH | 9.8 CRITICAL |
| Online Reviewer System 1.0 contains a SQL injection vulnerability through authentication bypass, which may lead to a reverse shell upload. | |||||
| CVE-2026-36236 | 1 Janobe | 1 Engineers Online Portal | 2026-04-14 | N/A | 9.8 CRITICAL |
| SourceCodester Engineers Online Portal v1.0 is vulnerable to SQL Injection in update_password.php via the new_password parameter. | |||||
| CVE-2026-36919 | 1 Janobe | 1 Online Reviewer System | 2026-04-14 | N/A | 2.7 LOW |
| Sourcecodester Online Reviewer System v1.0 is vulnerale to SQL Injection in the file /system/system/admins/assessments/examproper/exam-update.php. | |||||
| CVE-2026-36920 | 1 Janobe | 1 Online Reviewer System | 2026-04-14 | N/A | 2.7 LOW |
| Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system/admins/assessments/examproper/questions-view.php. | |||||
| CVE-2024-48246 | 1 Janobe | 1 Vehicle Management System | 2025-12-31 | N/A | 5.4 MEDIUM |
| Vehicle Management System 1.0 contains a Stored Cross-Site Scripting (XSS) vulnerability in the "Name" parameter of /vehicle-management/booking.php. | |||||
| CVE-2022-2679 | 1 Janobe | 1 Interview Management System | 2025-11-25 | N/A | 6.3 MEDIUM |
| A vulnerability was found in SourceCodester Interview Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /viewReport.php. The manipulation of the argument id with the input (UPDATEXML(9729,CONCAT(0x2e,0x716b707071,(SELECT (ELT(9729=9729,1))),0x7162766a71),7319)) leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205667. | |||||
| CVE-2022-38576 | 1 Janobe | 1 Interview Management System | 2025-11-25 | N/A | 7.2 HIGH |
| Interview Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /interview/delete.php?action=deletecand&id=. | |||||
| CVE-2022-38260 | 1 Janobe | 1 Interview Management System | 2025-11-25 | N/A | 7.2 HIGH |
| Interview Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /interview/delete.php?action=questiondelete&id=. | |||||
| CVE-2022-2685 | 1 Janobe | 1 Interview Management System | 2025-11-25 | N/A | 3.5 LOW |
| A vulnerability was found in SourceCodester Interview Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /addQuestion.php. The manipulation of the argument question with the input <script>alert(1)</script> leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205673 was assigned to this vulnerability. | |||||